Bug 1798530 - grub2-efi-x64 tries to set selinux perms on vfat filesystem
Summary: grub2-efi-x64 tries to set selinux perms on vfat filesystem
Keywords:
Status: CLOSED DUPLICATE of bug 1777502
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: grub2
Version: 8.4
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: 8.0
Assignee: Bootloader engineering team
QA Contact: Release Test Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-02-05 14:45 UTC by Jason Edgecombe
Modified: 2020-05-27 13:35 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-05-27 13:35:28 UTC
Type: Bug
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Jason Edgecombe 2020-02-05 14:45:58 UTC
Description of problem:
When running "yum upgrade", the "grub2-efi-x64-1:2.02-78.el8_1.1.x86_64" package throws an selinux error:
    error: lsetfilecon: (/boot/efi/EFI/redhat/fonts, system_u:object_r:boot_t:s0) Operation not supported
    error: lsetfilecon: (/boot/efi/EFI/redhat/grubx64.efi;5e3ad239, system_u:object_r:boot_t:s0) Operation not supported

Version-Release number of selected component (if applicable):
grub2-efi-x64-1:2.02-78.el8_1.1.x86_64

How reproducible:
every time

Steps to Reproduce:
1. sudo yum -y downgrade grub2-efi-x64.x86_64
2. sudo yum -y upgrade grub2-efi-x64.x86_64

Actual results:
Throws an error:
error: lsetfilecon: (/boot/efi/EFI/redhat/fonts, system_u:object_r:boot_t:s0) Operation not supported
error: lsetfilecon: (/boot/efi/EFI/redhat/grubx64.efi;5e3ad420, system_u:object_r:boot_t:s0) Operation not supported


Expected results:
No error.

Additional info:

Since the EFI partition is vfat and vfat doesn't support selinux attributes, it makes sense to set the selinux as part of the mount options, but  not on the files themselves.

Comment 1 Javier Martinez Canillas 2020-05-27 13:35:28 UTC

*** This bug has been marked as a duplicate of bug 1777502 ***


Note You need to log in before you can comment on or make changes to this bug.