Description of problem: Trying to mount a hfsplus partition with selinux in enabled mode fails dmesg shows hfs: write access to a jounaled filesystem is not supported, use the force option at your own risk, mounting read-only. SELinux: initialized (dev sdf3, type hfsplus), not configured for labelinghfs: write access to a jounaled filesystem is not supported, use the force option at your own risk, mounting read-only. SELinux: initialized (dev sdf3, type hfsplus), not configured for labeling that is from trying to mount my ipod on a x86_64 machine. i also got this on my powerbook trying to mount the mac partition to extract wireless firmware. we should handle the situation as im sure apple will not add selinux support to there filessytem Version-Release number of selected component (if applicable): How reproducible: always Steps to Reproduce: 1. mount hfsplus partition 2. 3. Actual results: not mounted Expected results: mounted Additional info:
Same applies for hfs attempt to mount hfs then hfsplus partitions: type=AVC msg=audit(1141774478.209:206): avc: denied { mount } for pid=13971 comm="mount" name="/" dev=sda2 ino=2 scontext=root:system_r:mount_t:s0-s0:c0.c255 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem type=SYSCALL msg=audit(1141774478.209:206): arch=14 syscall=21 success=yes exit=-13 a0=10039b78 a1=10039b88 a2=10039b98 a3=c0ed0001 items=2 pid=13971 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="mount" exe="/bin/mount" type=CWD msg=audit(1141774478.209:206): cwd="/root" type=PATH msg=audit(1141774478.209:206): item=0 name="/mnt/" flags=1 inode=94142465 dev=fd:00 mode=040755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1141774478.209:206): item=1 flags=1 inode=861 dev=00:10 mode=060640 ouid=0 ogid=6 rdev=08:02 type=AVC msg=audit(1141774621.173:214): avc: denied { mount } for pid=14004 comm="mount" name="/" dev=sda4 ino=2 scontext=root:system_r:mount_t:s0-s0:c0.c255 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem type=SYSCALL msg=audit(1141774621.173:214): arch=14 syscall=21 success=yes exit=-13 a0=10039b78 a1=10039b88 a2=10039b98 a3=c0ed0001 items=2 pid=14004 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="mount" exe="/bin/mount" type=CWD msg=audit(1141774621.173:214): cwd="/root" type=PATH msg=audit(1141774621.173:214): item=0 name="/mnt/" flags=1 inode=94142465 dev=fd:00 mode=040755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1141774621.173:214): item=1 flags=1 inode=849 dev=00:10 mode=060640 ouid=0 ogid=6 rdev=08:04
I set up a mapping between hfsplus and nfs_t so that it can be used. I am not sure how we should label it but this should get it working. selinux-policy-2.2.23-7
works with selinux-policy-2.2.23-11 that was released to rawhide this morning
should this now be closed?