Bug 138561 - Installing kernel package hard links files from other kernels, causes SELinux warnings
Installing kernel package hard links files from other kernels, causes SELinux...
Status: CLOSED CANTFIX
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
3
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Russell Coker
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-11-09 16:44 EST by Jordan Russell
Modified: 2007-11-30 17:10 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-10-02 21:21:51 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jordan Russell 2004-11-09 16:44:23 EST
Description of problem:
When a new kernel package is installed, the rpm script calls an
undocumented utility by the name of "/usr/sbin/hardlink" that
evidently finds duplicate files in different paths and hard links them
together. I suppose the point of this is to save disk space.

This hard linking causes issues with SELinux. When I run "fixfiles
relabel" afterward messages like this get syslogged:

/usr/sbin/setfiles:  conflicting specifications for
/lib/modules/2.6.9-1.667/build/usr/Makefile and
/usr/src/linux-2.6.9x/usr/Makefile, using
system_u:object_r:modules_object_t.

Notice how it has hard linked a file in /lib/modules to a file in
/usr/src. SELinux can't handle this because the two paths use
different contents -- /lib/modules uses
"system_u:object_r:modules_object_t", while /usr/src uses
"system_u:object_r:src_t".
(See /etc/selinux/targeted/src/policy/file_contexts/file_contexts.)

Version-Release number of selected component (if applicable):
kernel-2.6.9-1.667

How reproducible:
Always

Steps to Reproduce:
1. Place a vanilla kernel in /usr/src/linux-2.6.9x and "make
bzImage/modules/modules_install/install" it from there.
2. Install kernel-2.6.9-1.667

Actual Results:  Files from /lib/modules/2.6.9-1.667 and
/usr/src/linux-2.6.9x are hard linked together.

Expected Results:  They should not be hard linked together. (Just get
rid of the "hardlink" call?)

Additional info:
Comment 1 Daniel Walsh 2005-04-19 11:59:34 EDT
What policy are you running?

Dan
Comment 2 Russell Coker 2005-04-20 00:46:05 EDT
This is not a bug in the policy, it's a bug in the kernel package.  Files 
under /usr/src should not be involved in any package install.  The fact 
that /usr/src may have files identical to files in kernel packages is not 
relevant to the package install process. 
Comment 4 Dave Jones 2005-07-15 15:18:10 EDT
An update has been released for Fedora Core 3 (kernel-2.6.12-1.1372_FC3) which
may contain a fix for your problem.   Please update to this new kernel, and
report whether or not it fixes your problem.

If you have updated to Fedora Core 4 since this bug was opened, and the problem
still occurs with the latest updates for that release, please change the version
field of this bug to 'fc4'.

Thank you.
Comment 5 Dave Jones 2005-10-02 21:21:51 EDT
This bug has been automatically closed as part of a mass update.
It had been in NEEDINFO state since July 2005.
If this bug still exists in current errata kernels, please reopen this bug.

There are a large number of inactive bugs in the database, and this is the only
way to purge them.

Thank you.

Note You need to log in before you can comment on or make changes to this bug.