Bug 246507 - SELinux is preventing /usr/sbin/lvm (lvm_t) "write" to .cache (lvm_etc_t).
SELinux is preventing /usr/sbin/lvm (lvm_t) "write" to .cache (lvm_etc_t).
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy (Show other bugs)
5.0
x86_64 Linux
low Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-07-02 14:38 EDT by Scott Merrill
Modified: 2012-10-16 04:13 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-07-03 10:23:32 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Scott Merrill 2007-07-02 14:38:06 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.0.12) Gecko/20070529 Red Hat/1.5.0.12-1.el5 Firefox/1.5.0.12

Description of problem:
While trying to run the Logical Volume Manager to re-organize my disk partitions, I received an SELinux policy violation message.  The SELinux Troubleshooter says

SELinux denied access requested by /usr/sbin/lvm. It is not expected that this access is required by /usr/sbin/lvm and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.

Source Context:  system_u:system_r:lvm_t
Target Context:  system_u:object_r:lvm_etc_t
Target Objects:  .cache [ file ]
Affected RPM Packages:  lvm2-2.02.16-3.el5 [application]
Policy RPM:  selinux-policy-2.4.6-30.el5
Selinux Enabled:  TrueP
olicy Type:  targeted
MLS Enabled:  True
Enforcing Mode:  Permissive
Plugin Name:  plugins.catchall_file
Host Name:  ghomech.mecheng.ohio-state.edu
Platform:  Linux ghomech.mecheng.ohio-state.edu 2.6.18-8.1.4.el5 #1 SMP Fri May 4 22:15:17 EDT 2007 x86_64 x86_64
Alert Count:  1
Line Numbers:  
 
Raw Audit Messages :
avc: denied { write } for comm="lvm" dev=cciss/c0d0p2 egid=0 euid=0 exe="/usr/sbin/lvm" exit=3 fsgid=0 fsuid=0 gid=0 items=0 name=".cache" pid=2901 scontext=system_u:system_r:lvm_t:s0 sgid=0 subj=system_u:system_r:lvm_t:s0 suid=0 tclass=file tcontext=system_u:object_r:lvm_etc_t:s0 tty=(none) uid=0

Version-Release number of selected component (if applicable):
selinux-policy-2.4.6-30.el5

How reproducible:
Always


Steps to Reproduce:
1. Select System -> Administration -> Logical Volume Management
2.
3.

Actual Results:


Expected Results:


Additional info:
Comment 1 Daniel Walsh 2007-07-03 10:23:32 EDT
restorecon -R -v /etc/lvm

Should fix this.

Please update policy from http://people.redhat.com/dwalsh/SELinux/RHEL5
(U1 Policy)

Note You need to log in before you can comment on or make changes to this bug.