Bug 973156 - /etc/yaboot.conf (bootloader_t) is symlink pointing to file with type boot_t
/etc/yaboot.conf (bootloader_t) is symlink pointing to file with type boot_t
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: selinux-policy (Show other bugs)
All Linux
unspecified Severity medium
: rc
: ---
Assigned To: Miroslav Grepl
Michal Trunecka
Depends On:
  Show dependency treegraph
Reported: 2013-06-11 07:49 EDT by Michal Trunecka
Modified: 2014-09-30 19:35 EDT (History)
3 users (show)

See Also:
Fixed In Version: selinux-policy-3.7.19-210.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-11-21 05:31:04 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Michal Trunecka 2013-06-11 07:49:52 EDT
Description of problem:
Because of Bug 813803 the /etc/yaboot.conf was labeled as bootloader_t, but on ppc64 (the only arch this file matters) it's a symlink pointing to /boot/etc/yaboot.conf with type boot_t.

Version-Release number of selected component (if applicable):
Comment 1 Daniel Walsh 2013-06-20 13:38:30 EDT
Michal what should it be labeled?
Comment 2 Michal Trunecka 2013-06-21 03:09:52 EDT
I think that
/boot/etc/yaboot.conf should be labeled  bootloader_etc_t
/etc/yaboot.conf can stay as etc_t or should be bootloader_etc_t as well

There is no explanation in the linked bug but it was resolved so that the bootloaders' conf files are labeled as bootloader_etc_t instead of boot_t. I assume it was for some reason.

(Oh, now I see the typo in the Bug Description, bootloader_t should have been bootloader_etc_t)
Comment 3 Daniel Walsh 2013-06-28 14:54:59 EDT
I made this change in Rawhide policy.
Comment 6 errata-xmlrpc 2013-11-21 05:31:04 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.