192839 – selinux policy targeted broken (paths / restorecon / relabel)

Bug 192839 - selinux policy targeted broken (paths / restorecon / relabel)

Summary: selinux policy targeted broken (paths / restorecon / relabel)

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy-targeted
Sub Component:
Version:	5
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	urgent
Target Milestone:	---
Assignee:	Daniel Walsh
QA Contact:
Docs Contact:
URL:	http://www.redhat.com/archives/fedora...
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-05-23 15:19 UTC by drago01
Modified:	2007-11-30 22:11 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-02-09 11:09:09 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
semanage fcontext --list output (178.74 KB, text/plain) 2006-05-23 15:24 UTC, drago01	no flags	Details
View All

Description drago01 2006-05-23 15:19:20 UTC

Description of problem:
Selinux seems to be broken here the default file labels are incorrect (those set
by restorecon / fixfiles etc.)
/lib64/ld-2.4.so should be ld_so_t but it is lib_t same for dirs in / are 
incorrect:
drwxr-x---  root     root     root:object_r:user_home_dir_t    root
drwxr-xr-x  root     root     system_u:object_r:home_root_t    home
drwxr-xr-x  root     root     system_u:object_r:usr_t          opt
see link for more details
Version-Release number of selected component (if applicable):
selinux-policy-targeted-2.2.40-1.fc5
had 2.2.38 before updated has not helped.

How reproducible:
always

Steps to Reproduce:
1. boot using targeted policy
2. notice errors
  
Actual results:
wrong context is used for file and dirs

Expected results:
right context should be used

Additional info:
sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 20
Policy from config file:        targeted
kernel:
2.6.16-1.2122_FC5
Filesystem: ext3 on md raid0
Arch: x86_64 on dual core opteron.

Comment 1 drago01 2006-05-23 15:24:13 UTC

Created attachment 129874 [details]
semanage fcontext --list output

Comment 2 drago01 2006-05-23 16:03:59 UTC

forgot about the dirs in / they are correct I just got confused by the names,
the only problem that remains is /lib64/ld-2.4.so

Comment 3 Daniel Walsh 2006-05-23 17:57:59 UTC

Fixed in selinux-policy-2.2.42-2.fc5

Comment 4 drago01 2007-02-09 11:09:09 UTC

closing because its fixed  ;)

Note You need to log in before you can comment on or make changes to this bug.