826618 – systemd-udev in rawhide is not creating content in /run/udev with the correct label.

Bug 826618 - systemd-udev in rawhide is not creating content in /run/udev with the correct label.

Summary: systemd-udev in rawhide is not creating content in /run/udev with the correct...

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	systemd
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	systemd-maint
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-05-30 15:43 UTC by Daniel Walsh
Modified:	2012-06-14 23:32 UTC (History)
CC List:	7 users (show)
Fixed In Version:	systemd-185-2.fc18
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-06-14 23:32:14 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Daniel Walsh 2012-05-30 15:43:49 UTC

Description of problem:

When you boot an F18 box the content under /run/udev/ has lots of default_t labeled files instead of udev_var_run_t.

I believe these files are being created during early boot and not having their labels corrected, this works correctly in F17.

systemd-183-1.fc18.x86_64

This could be happening if the prefix is just being set to /dev and not to /var/run

Comment 1 Daniel Walsh 2012-05-30 15:55:23 UTC

The problem is caused by 

label_init("/dev")

We should either eliminate this since systemd-udev is creating content under /var/run also. (/run)

It really needs 

label_init("/dev", "/var/run")

Comment 2 Daniel Walsh 2012-05-30 16:10:31 UTC

Another option would be to only use the SELinux labeling rules in systemd-udev when creating content in /dev and rely on SELinux to label stuff created in other directories.

Comment 3 Kay Sievers 2012-05-30 19:03:01 UTC

Oh, I see. Yeah, that needs fixing.

How would "rely on SELinux to label stuff created in other directories"
look like? We do not have any explicit selinux context settings in other
paths than /dev.

Comment 4 Lennart Poettering 2012-05-31 00:01:56 UTC

Fixed in git.

Comment 5 Kay Sievers 2012-06-04 22:15:46 UTC

New release submitted for f18.

Comment 6 Daniel Walsh 2012-06-06 11:01:26 UTC

This one works for me.

Note You need to log in before you can comment on or make changes to this bug.