Bug 152247 - Could not relabel /dev/pts/x
Could not relabel /dev/pts/x
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
3
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-03-26 14:12 EST by Adam Bowns
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-03-28 13:59:36 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Adam Bowns 2005-03-26 14:12:16 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050323 Firefox/1.0.2 Fedora/1.0.2-1.3.1

Description of problem:
I keep noticing the following warning message in /var/log/messages

Warning! Could not relabel /dev/pts/1 with user_u:object_r:devpts_t, not relabeling.Operation not permitted

Sometimes the message has a different number eg. /dev/pts/2, /dev/pts/0.

I think it is being caused by running a "fixfiles relabel" when "su -" as root at a terminal.

Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.17.30-2.90

How reproducible:
Sometimes

Steps to Reproduce:
1. Log in as normal user.
2. Open terminal.
3. su -
4. fixfiles relabel
  

Actual Results:  Sometimes the warning message appears.

Expected Results:  No warning message.

Additional info:
Comment 1 Daniel Walsh 2005-03-28 11:00:44 EST
First off why are you fixfiles relabeling all the time?

This is denying you the right to relabel the terminal you are currently on.  So
this is expected and probably what you want.  When you  exit the su the terminal
will get set back to the default.

Dan
Comment 2 Adam Bowns 2005-03-28 13:11:50 EST
I'm probably going about it the wrong way, but the reason I've been doing a
fixfiles relabel is if I've copied something say from root's directory to my
home directory and set the permissions and ownership the same way I would do on
a non SELinux system, you still need to change each files SELinux attributes in
order to read them, the only reason I've been using fixfiles relabel for this is
its quicker than going through each file individually... probably a misuse of
the program, but it seems to do the job :-)

This is probably not a bug then.

Regards,
Adam
Comment 3 Daniel Walsh 2005-03-28 13:59:36 EST
You probably want to use restorecon for this.

restorecon -R -v /home/USERNAME 
Would recursively walk the homedirectory and fix the context.  
restorecon -v /home/USERNAME/file_name 
Fixes it for a single file.

cp should pick up the security context of the destination directory if it is not
going across mount points.

chcon also alows you to set the security context for an individual file.  It has
similar command to chmod.  chcon -t user_home_t /home/USERNAME/file_name would
change the type componant to user_home_t.

fixfiles relabel will run through the entire file system and read every single file.

Dan

Note You need to log in before you can comment on or make changes to this bug.