Bug 138596 - Invalid File Context: lockdev.fc
Summary: Invalid File Context: lockdev.fc
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-strict (Show other bugs)
(Show other bugs)
Version: rawhide
Hardware: i686 Linux
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2004-11-10 04:06 UTC by Alex Ackerman
Modified: 2007-11-30 22:10 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-11-10 15:44:32 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Alex Ackerman 2004-11-10 04:06:32 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3)
Gecko/20041104 Firefox/1.0RC1

Description of problem:
Installed selinux-policy-strict*-1.18.2-3. Tried to do a 'make
relabel' prior to reboot and the following error comes up:

/usr/sbin/setfiles:  invalid context system_u:object_r:lockdev_exec_t
on line number 1384

It refers to line 2 of /file_contexts/program/lockdev.fc

# ls -l file_contexts/program/lockdev.fc
-rw-------  1 root root 70 Nov  8 10:33 file_contexts/program/lockdev.fc

This file was not modified on my system after install.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. cd /etc/selinux/strict/src/policy/
2. make relabel


Actual Results:  Building file_contexts ...
/usr/sbin/setfiles file_contexts/file_contexts `mount | grep -v
"context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[23]|
xfs|reiserfs).*rw/{print $3}';`
/usr/sbin/setfiles:  read 1581 specifications
/usr/sbin/setfiles:  invalid context system_u:object_r:lockdev_exec_t
on line number 1384
make: *** [relabel] Error 1

Expected Results:  All file defined file contexts should compile and
allow the system to relabel.

Additional info:

Comment 1 Daniel Walsh 2004-11-10 15:29:00 UTC
I am not seeing that.  Did you do a make load first?


Comment 2 Alex Ackerman 2004-11-10 15:44:32 UTC
Nevermind.  I think I see what happened.  When the rpm loaded the new 
strict policy and sources, it may or may not have loaded the new 
policy. The binary policy file located in the sources directory was 
for a previous version of the policy sources.  When it tried to do a 
relabel, it grabbed the rules from the old policy (which didn't have 
the lockdev.te defs).  Sorry about that.  Please close bug with 


Note You need to log in before you can comment on or make changes to this bug.