Description of problem: When a new kernel package is installed, the rpm script calls an undocumented utility by the name of "/usr/sbin/hardlink" that evidently finds duplicate files in different paths and hard links them together. I suppose the point of this is to save disk space. This hard linking causes issues with SELinux. When I run "fixfiles relabel" afterward messages like this get syslogged: /usr/sbin/setfiles: conflicting specifications for /lib/modules/2.6.9-1.667/build/usr/Makefile and /usr/src/linux-2.6.9x/usr/Makefile, using system_u:object_r:modules_object_t. Notice how it has hard linked a file in /lib/modules to a file in /usr/src. SELinux can't handle this because the two paths use different contents -- /lib/modules uses "system_u:object_r:modules_object_t", while /usr/src uses "system_u:object_r:src_t". (See /etc/selinux/targeted/src/policy/file_contexts/file_contexts.) Version-Release number of selected component (if applicable): kernel-2.6.9-1.667 How reproducible: Always Steps to Reproduce: 1. Place a vanilla kernel in /usr/src/linux-2.6.9x and "make bzImage/modules/modules_install/install" it from there. 2. Install kernel-2.6.9-1.667 Actual Results: Files from /lib/modules/2.6.9-1.667 and /usr/src/linux-2.6.9x are hard linked together. Expected Results: They should not be hard linked together. (Just get rid of the "hardlink" call?) Additional info:
What policy are you running? Dan
This is not a bug in the policy, it's a bug in the kernel package. Files under /usr/src should not be involved in any package install. The fact that /usr/src may have files identical to files in kernel packages is not relevant to the package install process.
An update has been released for Fedora Core 3 (kernel-2.6.12-1.1372_FC3) which may contain a fix for your problem. Please update to this new kernel, and report whether or not it fixes your problem. If you have updated to Fedora Core 4 since this bug was opened, and the problem still occurs with the latest updates for that release, please change the version field of this bug to 'fc4'. Thank you.
This bug has been automatically closed as part of a mass update. It had been in NEEDINFO state since July 2005. If this bug still exists in current errata kernels, please reopen this bug. There are a large number of inactive bugs in the database, and this is the only way to purge them. Thank you.