Bug 483371 - restorecond errors in logs about files with hardlinks
restorecond errors in logs about files with hardlinks
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: policycoreutils (Show other bugs)
20
x86_64 Linux
low Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-01-30 21:48 EST by D. Wagner
Modified: 2014-02-13 12:52 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-02-13 15:57:23 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description D. Wagner 2009-01-30 21:48:45 EST
Description of problem:

restorecond is spamming /var/log/messages with the following messages:

Jan 30 18:23:21 senfl restorecond: Will not restore a file with more than one ha
rd link (/root/.history.LOCK) No such file or directory
Jan 30 18:23:28 senfl restorecond: Will not restore a file with more than one ha
rd link (/root/.history.LOCK) No such file or directory
Jan 30 18:26:18 senfl restorecond: Will not restore a file with more than one ha
rd link (/root/.history.LOCK) No such file or directory
Jan 30 18:26:24 senfl restorecond: Will not restore a file with more than one ha
rd link (/root/.history.LOCK) No such file or directory
Jan 30 18:26:29 senfl restorecond: Will not restore a file with more than one ha
rd link (/root/.history.LOCK) No such file or directory
Jan 30 18:26:41 senfl restorecond: Will not restore a file with more than one ha
rd link (/root/.history.LOCK) No such file or directory

and so on ad infinitum.

Version-Release number of selected component (if applicable):

selinux-policy-3.5.13-40.fc10.noarch
selinux-policy-targeted-3.5.13-40.fc10.noarch
policycoreutils-2.0.57-14.fc10.x86_64

Note that I have set root's default shell to /bin/zsh.  Random theory: maybe in the process of updating the ~/.history file, zsh is temporarily creating a hardlink to .history.LOCK that restorecond notices and tries to relabel?  If so, this file is temporary, because I never managed to see it with "ls -a".

Incidentally, I have a stock /etc/selinux/restorecond.conf that seems to direct restorecond to monitor all files under every user's home directory.  I didn't immediately see any way to exclude /root/.history.LOCK.

# cat /etc/selinux/restorecond.conf 
/etc/services
/etc/resolv.conf
/etc/samba/secrets.tdb
/etc/mtab
/var/run/utmp
/var/log/wtmp
~/*
~/.mozilla/plugins/libflashplayer.so
Comment 1 D. Wagner 2009-01-30 22:23:29 EST
I now notice that I'm also occasionally getting similar error messages about other files as well, under some conditions:

Jan 30 19:12:30 senfl restorecond: Will not restore a file with more than one ha
rd link (/home/daw/.calendar~) No such file or directory
...
Jan 30 19:14:36 senfl restorecond: Will not restore a file with more than one ha
rd link (/root/.xauthURiITZ-c) No such file or directory
Jan 30 19:14:36 senfl restorecond: Will not restore a file with more than one ha
rd link (/root/.xauthURiITZ-l) No such file or directory
Jan 30 19:14:36 senfl restorecond: Will not restore a file with more than one ha
rd link (/root/.history.LOCK) No such file or directory
Jan 30 19:16:04 senfl restorecond: Will not restore a file with more than one ha
rd link (/home/daw/.history.LOCK) No such file or directory

I'm guessing these were triggered when I logged in and started a new Gnome session (which started up several programs, including ical, a calendar app) and perhaps when I used "su - root" or "ssh root@localhost".  However I have not rigorously verified this.
Comment 2 Daniel Walsh 2009-02-02 08:46:59 EST
Fixed in policycoreutils-2.0.57-16
Comment 3 D. Wagner 2009-02-05 16:55:00 EST
Thanks for the fix!  Any tips on how to test policycoreutils-2.0.57-16 on a F10 box?

It's not in the default F10 repos.  (The latest they have is 2.0.57-14.)

It's not in the F10 *testing* repos.

And if I enable the rawhide repos, it tries to get policycoreutils.x86_64 0:2.0.61-7.fc11, which pulls in policycoreutils-gui.x86_64 0:2.0.61-7.fc11, which requires python >= 2.6, which in turn requires upgrading dozens of packages, and the dependencies fail for several of these, so that's a no-go.
Comment 4 Daniel Walsh 2009-02-06 13:46:11 EST
You can bang me on the head to put it into testing.

Just added.

Sorry about that.
Comment 5 D. Wagner 2009-02-13 15:57:23 EST
Yup, I can confirm policycoreutils-2.0.57-16.fc10.x86_64 fixes this bug for me, without introducing any other ill effects.  Thanks for the rapid fix, Daniel!
Comment 6 Ed Greshko 2014-01-30 18:57:20 EST
This is an old bugzilla but the same problem seems to have been reintroduced in F20.  I'm seeing these....

 Jan 31 07:39:49 meimei restorecond: Warning! /root/.xauthlpj2gn-l refers to a file with more than one hard link, not fixing hard links.
Jan 31 07:39:49 meimei restorecond: (null) get context on /root/.xauthlpj2gn-n failed: 'No such file or directory'

in my logs.

Should a new bugzilla be opened or this one resurrected?
Comment 7 ILMostro 2014-02-05 06:15:29 EST
(In reply to Ed Greshko from comment #6)
I can confirm this as well with selinux-policy-targeted.noarch            3.12.1-122.fc20
Comment 8 Daniel Walsh 2014-02-13 12:52:34 EST
You probably no longer need to run restorecond in F20.  Unless you have a particular file that keeps getting mislabeled.

Note You need to log in before you can comment on or make changes to this bug.