[DSE-Dev] Bug#849637: /sys/devices/system/cpu/online SELinux context
cgzones
cgzones at googlemail.com
Fri Dec 30 16:17:24 UTC 2016
Hi,
thanks for your response.
I assigned this bug to systemd, cause I did not know any better and
thought the sysfs filesystem is managed by systemd, like /run.
Btw, /dev/pts/ptmx is also mislabeled:
root at debianSE:~# restorecon -vv -R -n /dev
Warning no default label for /dev/mqueue
Warning no default label for /dev/pts/0
Would relabel /dev/pts/ptmx from system_u:object_r:devpts_t:s0 to
system_u:object_r:ptmx_t:s0
Kindly Regards,
Christian Göttsche
2016-12-30 12:39 GMT+01:00 Laurent Bigonville <bigon at debian.org>:
> reassign 849637 policycoreutils
> thanks
>
> On Thu, 29 Dec 2016 12:36:30 +0100 cgzones <cgzones at googlemail.com> wrote:
>
>> When running a SELinux enabled system /sys/devices/system/cpu/online
>> is mislabeled after boot:
>>
>> root at test1:/root/selinux/policy# restorecon -vv -R -F -n /sys
>> Would relabel /sys/devices/system/cpu/online from
>> system_u:object_r:sysfs_t:s0 to system_u:object_r:cpu_online_t:s0
>
> Not sure why this is assigned to systemd as this is not created by systemd.
>
> It's working with sysvinit because the selinux-autorelabel LSB initscript is
> explicitly relabeling it during boot.
>
> Under systemd, that initscript is masked by the selinux-autorelabel.service.
>
> I was planning to add a tmpfiles for this, but apparently I forgot about it.
>
> Reassigning to policycoreutils
>
> Laurent Bigonville
More information about the SELinux-devel
mailing list