Bug 138596 - Invalid File Context: lockdev.fc
Summary: Invalid File Context: lockdev.fc
Keywords:
Status: CLOSED DEFERRED
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-strict
Version: rawhide
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-11-10 04:06 UTC by Alex Ackerman
Modified: 2007-11-30 22:10 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2004-11-10 15:44:32 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Alex Ackerman 2004-11-10 04:06:32 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3)
Gecko/20041104 Firefox/1.0RC1

Description of problem:
Installed selinux-policy-strict*-1.18.2-3. Tried to do a 'make
relabel' prior to reboot and the following error comes up:

/usr/sbin/setfiles:  invalid context system_u:object_r:lockdev_exec_t
on line number 1384

It refers to line 2 of /file_contexts/program/lockdev.fc

# ls -l file_contexts/program/lockdev.fc
-rw-------  1 root root 70 Nov  8 10:33 file_contexts/program/lockdev.fc

This file was not modified on my system after install.

Version-Release number of selected component (if applicable):
1.18.2-3

How reproducible:
Always

Steps to Reproduce:
1. cd /etc/selinux/strict/src/policy/
2. make relabel

    

Actual Results:  Building file_contexts ...
/usr/sbin/setfiles file_contexts/file_contexts `mount | grep -v
"context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[23]|
xfs|reiserfs).*rw/{print $3}';`
/usr/sbin/setfiles:  read 1581 specifications
/usr/sbin/setfiles:  invalid context system_u:object_r:lockdev_exec_t
on line number 1384
make: *** [relabel] Error 1


Expected Results:  All file defined file contexts should compile and
allow the system to relabel.

Additional info:

Comment 1 Daniel Walsh 2004-11-10 15:29:00 UTC
I am not seeing that.  Did you do a make load first?

Dan

Comment 2 Alex Ackerman 2004-11-10 15:44:32 UTC
Nevermind.  I think I see what happened.  When the rpm loaded the new 
strict policy and sources, it may or may not have loaded the new 
policy. The binary policy file located in the sources directory was 
for a previous version of the policy sources.  When it tried to do a 
relabel, it grabbed the rules from the old policy (which didn't have 
the lockdev.te defs).  Sorry about that.  Please close bug with 
NOTABUG.

Alex



Note You need to log in before you can comment on or make changes to this bug.