Bug 155556 - nash creating nodes, shouldn't this be done by udev?
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: udev
Version: rawhide
Hardware: All Linux
Priority: medium
Severity: medium
Assigned To: Harald Hoyer
Reported: 2005-04-21 08:36 EDT by Daniel Walsh
Modified: 2007-11-30 17:11 EST
Last Closed: 2005-04-21 10:24:14 EDT
Description Daniel Walsh 2005-04-21 08:36:06 EDT
Description of problem:

We are trying to write better SELinux policy for the initscripts and we came
across rc.sysinit requiring the ability to mk blk devices on /dev.
Can't this functionality be moved to udev?

diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/initrc.te 
policy-1.23.11/domains/program/initrc.te
--- nsapolicy/domains/program/initrc.te 2005-03-24 08:58:25.000000000 -0500
+++ policy-1.23.11/domains/program/initrc.te    2005-04-14 15:30:19.000000000 
-0400
@@ -12,7 +12,7 @@
 # initrc_exec_t is the type of the init program.
 #
 # do not use privmail for sendmail as it creates a type transition conflict
-type initrc_t, ifdef(`unlimitedRC', `admin, etc_writer, fs_domain, privmem, 
auth_write, ') domain, privlog, privowner, privmodule, ifdef(`sendmail.te', 
`', `privmail,') ifdef(`distro_debian', `etc_writer, ') sysctl_kernel_writer, 
nscd_client_domain;
+type initrc_t, fs_domain, ifdef(`unlimitedRC', `admin, etc_writer, privmem, 
auth_write, ') domain, privlog, privowner, privmodule, ifdef(`sendmail.te', 
`', `privmail,') ifdef(`distro_debian', `etc_writer, ') sysctl_kernel_writer, 
nscd_client_domain;
 
 role system_r types initrc_t;
 uses_shlib(initrc_t);
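
Review bot: The + line for the initrc_t type declaration moves fs_domain out of the ifdef(`unlimitedRC', ...) list, so the attribute is attached to initrc_t unconditionally and every script that runs in initrc_t inherits it, while the only stated need is the single nash raidautorun call in rc.sysinit. Consider leaving fs_domain inside the unlimitedRC conditional and granting the privilege to a separate domain for nash that initrc_t transitions into, so the rest of the init scripts stay without it. If the attribute does stay on initrc_t, a comment above the declaration naming the command that requires it would document why it is there.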

Note that the above is needed for the following command:
echo "raidautorun /dev/md0" | nash --quiet
Comment 1 Harald Hoyer 2005-04-21 08:40:16 EDT
Why is this assigned to udev?
Comment 2 Daniel Walsh 2005-04-21 08:46:05 EDT
Because I think udev should be doing it.  I also cc'd Bill.
Comment 3 Harald Hoyer 2005-04-21 09:15:29 EDT
then the kernel module has to send hotplug events and udev will create those
devices... no change to udev needed!!
Comment 4 Bill Nottingham 2005-04-21 10:24:14 EDT
It doesn't work that way.

The raidautorun command requires a device node to operate on (basically, to send
the ioctl on).

*Then*, it scans the partitions and actually creates the raid devices. This is
what would send the hotplug event.
Comment 5 Daniel Walsh 2005-04-21 10:34:07 EDT
So should I give these privs to nash and only allow nash to be transitioned by
initrc?

Is nash used by anything else?

Dan
Comment 6 Bill Nottingham 2005-04-21 16:21:00 EDT
Yeah, that sounds about right.

nash is used on the initrd. Don't think it's used anywhere else.
