[DSE-Dev] Bug#781571: not grave
Andre Florath
andre at florath.net
Tue Sep 15 13:02:11 UTC 2015
Hello!
I can still reproduce this:
Install minimal VM image.
Stop sytem.
Add a second disk - passed in as /dev/vdb.
Start system.
Execute:
# apt-get install lvm2
# pvcreate /dev/vdb
# vgcreate vgtst /dev/vdb
# lvcreate -l "100%FREE" -n lvtst01 vgtst
Using the latest selinux-policy-default 2:2.20140421-10
(the one from your repo).
Still the same problem: lvcreate does not come back and
the following AVC:
type=AVC msg=audit(1442321383.536:67): avc: denied { associate } for pid=2987 comm="dmsetup" key=223169337 scontext=system_u:system_r:lvm_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=sem permissive=0
type=SYSCALL msg=audit(1442321383.536:67): arch=c000003e syscall=64 success=no exit=-13 a0=d4d4b39 a1=1 a2=0 a3=7ffc29a970e0 items=0 ppid=2984 pid=2987 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="dmsetup" exe="/sbin/dmsetup" subj=system_u:system_r:lvm_t:s0-s0:c0.c1023 key=(null)
So not relabeling from my side is done.
File contexts:
# ls -lZ /sbin/lvcreate
lrwxrwxrwx. 1 root root system_u:object_r:bin_t:SystemLow 3 Apr 11 01:47 /sbin/lvcreate -> lvm
# ls -lZ /sbin/dmsetup
-rwxr-xr-x. 1 root root system_u:object_r:lvm_exec_t:SystemLow 78664 Apr 11 01:46 /sbin/dmsetup
I'm not really sure if I need more reboots - somewhere in between???
Kind regards
Andre
More information about the SELinux-devel
mailing list