[Pkg-sysvinit-devel] Bug#390897: initscripts: mountdevsubfs.sh SELinux support

Erich Schubert erich at debian.org
Tue Oct 3 14:44:05 UTC 2006 

Package: initscripts
Version: 2.86.ds1-31
Severity: normal
Tags: patch

Hi,
Basically whenever something in /dev is created, it needs to be
relabeled properly. udev takes care of that, and a static /dev is
keeping the labels via it's persistence.
However, mountdevsubfs.sh will eventually create some directories; and
these might end up with bad names.
Attached patch calls restorecon on them to assign them the appropriate
context. /dev/pts should already be created by udev; I don't know about
/dev/ptmx; maybe it should be added to /etc/udev/links.conf

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.18
Locale: LANG=de_DE.UTF-8 at euro, LC_CTYPE=de_DE.UTF-8 at euro (charmap=UTF-8)

Versions of packages initscripts depends on:
ii  debianutils                  2.17.3      Miscellaneous utilities specific t
ii  e2fsprogs                    1.39-1.1    ext2 file system utilities and lib
ii  libc6                        2.3.6.ds1-5 GNU C Library: Shared libraries
ii  lsb-base                     3.1-17      Linux Standard Base 3.1 init scrip
ii  mount                        2.12r-11    Tools for mounting and manipulatin
ii  sysvinit-utils               2.86.ds1-31 System-V-like utilities

Versions of packages initscripts recommends:
ii  psmisc                        22.3-1     Utilities that use the proc filesy

-- no debconf information
-------------- next part --------------
--- /etc/init.d/mountdevsubfs.sh	2006-09-29 18:05:44.000000000 +0200
+++ /tmp/mountdevsubfs.sh	2006-10-03 16:43:23.000000000 +0200
@@ -55,6 +55,7 @@
 			if grep -qs '/dev devfs' /proc/mounts
 			then
 				mkdir --mode=755 /dev/pts
+				[ -x /sbin/restorecon ] && /sbin/restorecon /dev/pts
 			fi
 		fi
 		if [ -d /dev/pts ]
@@ -67,6 +68,7 @@
 				then
 					log_warning_msg "Failed making node /dev/ptmx with error code ${ES}."
 				fi
+				[ -x /sbin/restorecon ] && /sbin/restorecon /dev/ptmx
 			fi
 			domount devpts "" /dev/pts devpts -onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE
 		fi

More information about the Pkg-sysvinit-devel mailing list