Bug 512301 - Multiple different specifications for /var/vdsm(/.*)?
Multiple different specifications for /var/vdsm(/.*)?
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy (Show other bugs)
5.4
All Linux
medium Severity medium
: rc
: ---
Assigned To: Daniel Walsh
BaseOS QE
: Regression
Depends On:
Blocks: 549492
  Show dependency treegraph
 
Reported: 2009-07-17 03:26 EDT by Milos Malik
Modified: 2012-10-15 10:16 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 549492 (view as bug list)
Environment:
Last Closed: 2009-09-02 03:58:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Milos Malik 2009-07-17 03:26:17 EDT
Description of problem:
It seems that selinux-policy allows /var/vdsm(/.*)? files to have two different SELinux contexts. I believe that one of the contexts should be removed.

Version-Release number of selected component (if applicable):
selinux-policy-targeted-2.4.6-252.el5
selinux-policy-2.4.6-252.el5
yum-3.2.22-20.el5

How reproducible:
always

Steps to Reproduce:
1. yum -y install <package>
2. look at the end of /var/log/messages
# semanage fcontext -l | grep vdsm
/var/vdsm(/.*)?                                    all files          system_u:object_r:qemu_var_run_t:s0 
/var/vdsm(/.*)?                                    all files          system_u:object_r:virt_var_lib_t:s0 

  
Actual results: 
Jul 17 03:16:21 hp-rx1620-01 : /etc/selinux/targeted/contexts/files/file_contexts: Multiple different specifications for /var/vdsm(/.*)?  (system_u:object_r:virt_var_lib_t:s0 and system_u:object_r:qemu_var_run_t:s0). 
Jul 17 03:16:21 hp-rx1620-01 : /etc/selinux/targeted/contexts/files/file_contexts: Multiple different specifications for /var/vdsm(/.*)?  (system_u:object_r:virt_var_lib_t:s0 and system_u:object_r:qemu_var_run_t:s0). 
Jul 17 03:16:44 hp-rx1620-01 yum: Installed: selinux-policy-devel-2.4.6-252.el5.noarch

Expected results:
Jul 17 03:16:44 hp-rx1620-01 yum: Installed: selinux-policy-devel-2.4.6-252.el5.noarch

Additional info:
reproducible on all architectures
Comment 1 Daniel Walsh 2009-07-20 16:26:49 EDT
Fixed in selinux-policy-2.4.6-253.el5.src.rpm
Comment 4 Jay Turner 2009-07-21 09:43:54 EDT
Things seems lots happier on my system with 2.4.6-253.el5.  I received 12 of the messages between 06:51 and 07:45, upgraded to the new packages and haven't seen another message to this point (currently 09:43.)  Holding off marking as verified until some additional test results come in and the package itself is included in a build.
Comment 9 errata-xmlrpc 2009-09-02 03:58:57 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-1242.html

Note You need to log in before you can comment on or make changes to this bug.