Bug 989945 - some files get mislabelled after LVM activation generator is executed
some files get mislabelled after LVM activation generator is executed
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: selinux-policy (Show other bugs)
7.0
All Linux
medium Severity medium
: rc
: ---
Assigned To: Miroslav Grepl
Milos Malik
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-07-30 03:58 EDT by Milos Malik
Modified: 2014-06-17 22:23 EDT (History)
0 users

See Also:
Fixed In Version: selinux-policy-3.12.1-86.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-06-13 06:44:24 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Milos Malik 2013-07-30 03:58:59 EDT
Description of problem:

Version-Release number of selected component (if applicable):
lvm2-2.02.98-6.el7.x86_64
selinux-policy-3.12.1-65.el7.noarch
selinux-policy-devel-3.12.1-65.el7.noarch
selinux-policy-doc-3.12.1-65.el7.noarch
selinux-policy-minimum-3.12.1-65.el7.noarch
selinux-policy-mls-3.12.1-65.el7.noarch
selinux-policy-targeted-3.12.1-65.el7.noarch

How reproducible:
always

Steps to Reproduce:
(if there is a simpler way how to invoke LVM activation generator, please tell me)
# virt-sandbox-service -c lxc:/// create -C -u sshd.service -N dhcp,source=default testssh
# virt-sandbox-service delete testssh
(following message just appeared on the console:
LVM: Activation generator successfully completed)
# restorecon -Rv /run

Actual results:
Both /run/systemd/generator/lvm2-activation* files are mislabelled.

Expected results:
Both /run/systemd/generator/lvm2-activation* files are labelled correctly.
Comment 1 Milos Malik 2013-07-30 04:00:44 EDT
# restorecon -Rv /run/restorecon:  Warning no default label for /run/lightdm.pid
restorecon:  Warning no default label for /run/rhn_check.pid
restorecon:  Warning no default label for /run/rhnsd.pid
restorecon:  Warning no default label for /run/lock/subsys
restorecon:  Warning no default label for /run/lock/subsys/vhostmd
restorecon:  Warning no default label for /run/lock/subsys/network
restorecon:  Warning no default label for /run/lock/subsys/rhnmd
restorecon:  Warning no default label for /run/lock/subsys/rhnsd
restorecon:  Warning no default label for /run/lock/subsys/trace-cmd
restorecon:  Warning no default label for /run/initramfs
restorecon:  Warning no default label for /run/initramfs/rwtab
restorecon:  Warning no default label for /run/initramfs/state
restorecon:  Warning no default label for /run/initramfs/state/var
restorecon:  Warning no default label for /run/initramfs/state/var/lib
restorecon:  Warning no default label for /run/initramfs/state/var/lib/dhclient
restorecon:  Warning no default label for /run/initramfs/state/etc
restorecon:  Warning no default label for /run/initramfs/state/etc/sysconfig
restorecon:  Warning no default label for /run/initramfs/state/etc/sysconfig/network-scripts
restorecon reset /run/systemd/generator/lvm2-activation.service context system_u:object_r:lvm_unit_file_t:s0->system_u:object_r:systemd_unit_file_t:s0
restorecon reset /run/systemd/generator/lvm2-activation-early.service context system_u:object_r:lvm_unit_file_t:s0->system_u:object_r:systemd_unit_file_t:s0
#
Comment 2 Milos Malik 2013-07-30 04:06:41 EDT
Much simpler reproducer:

# systemctl daemon-reload
# dmesg | tail -n 1
[668345.081136] LVM: Activation generator successfully completed.
# restorecon -Rv /run/
restorecon:  Warning no default label for /run/lightdm.pid
restorecon:  Warning no default label for /run/rhn_check.pid
restorecon:  Warning no default label for /run/rhnsd.pid
restorecon:  Warning no default label for /run/lock/subsys
restorecon:  Warning no default label for /run/lock/subsys/vhostmd
restorecon:  Warning no default label for /run/lock/subsys/network
restorecon:  Warning no default label for /run/lock/subsys/rhnmd
restorecon:  Warning no default label for /run/lock/subsys/rhnsd
restorecon:  Warning no default label for /run/lock/subsys/trace-cmd
restorecon:  Warning no default label for /run/initramfs
restorecon:  Warning no default label for /run/initramfs/rwtab
restorecon:  Warning no default label for /run/initramfs/state
restorecon:  Warning no default label for /run/initramfs/state/var
restorecon:  Warning no default label for /run/initramfs/state/var/lib
restorecon:  Warning no default label for /run/initramfs/state/var/lib/dhclient
restorecon:  Warning no default label for /run/initramfs/state/etc
restorecon:  Warning no default label for /run/initramfs/state/etc/sysconfig
restorecon:  Warning no default label for /run/initramfs/state/etc/sysconfig/network-scripts
restorecon reset /run/systemd/generator/lvm2-activation.service context system_u:object_r:lvm_unit_file_t:s0->system_u:object_r:systemd_unit_file_t:s0
restorecon reset /run/systemd/generator/lvm2-activation-early.service context system_u:object_r:lvm_unit_file_t:s0->system_u:object_r:systemd_unit_file_t:s0
#
Comment 3 Miroslav Grepl 2013-10-03 18:15:24 EDT
commit c7e6c33650472de35d38a50e2efb711ada808b10
Author: Miroslav Grepl <mgrepl@redhat.com>
Date:   Thu Oct 3 23:58:57 2013 +0200

    Add labeling for /usr/lib/systemd/system/lvm2.* unit files
Comment 6 Ludek Smid 2014-06-13 06:44:24 EDT
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.

Note You need to log in before you can comment on or make changes to this bug.