1623124 – /dev/mtd0 is a character device and should have a more specific label than device_t

Bug 1623124 - /dev/mtd0 is a character device and should have a more specific label than device_t

Summary: /dev/mtd0 is a character device and should have a more specific label than de...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	selinux-policy
Sub Component:
Version:	7.6
Hardware:	ppc64
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Lukas Vrabec
QA Contact:	Milos Malik
Docs Contact:
URL:
Whiteboard:
Depends On:	1488322
Blocks:
TreeView+	depends on / blocked

Reported:	2018-08-28 14:13 UTC by Milos Malik
Modified:	2018-10-30 10:10 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	1488322
Environment:
Last Closed:	2018-10-30 10:09:38 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2018:3111	None	None	None	2018-10-30 10:10:13 UTC

Description Milos Malik 2018-08-28 14:13:11 UTC

+++ This bug was initially created as a clone of Bug #1488322 +++

Description of problem:
/dev/mtd0 is a character device, but current SELinux policy file contexts are defined for block devices.

Version-Release number of selected component (if applicable):
selinux-policy-3.13.1-220.el7.noarch
selinux-policy-targeted-3.13.1-220.el7.noarch

How reproducible:
* always when the device is available

Steps to Reproduce:
1. get a RHEL 7.x machine equipped with a Memory Technology Device (MTD)
2. ls -Z /dev/mtd*
3. matchpathcon /dev/mtd*

Actual results:
# semanage fcontext -l | grep mtd
/dev/mtd.*    block device    system_u:object_r:fixed_disk_device_t:s0 
#

Expected results:
# semanage fcontext -l | grep mtd
/dev/mtd.*    character device    system_u:object_r:fixed_disk_device_t:s0 
#

Additional information:
 * https://boundarydevices.com/boot-flash-access-linux/

Comment 4 errata-xmlrpc 2018-10-30 10:09:38 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:3111

Note You need to log in before you can comment on or make changes to this bug.