[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [FC5] New Partition help

From: "Stephen J. Smoogen" <smooge gmail com>
Cc: fedora-selinux-list redhat com
Subject: Re: [FC5] New Partition help
Date: Sun, 9 Apr 2006 11:35:26 -0600

On 4/8/06, mroselinux eastgranby k12 ct us
<mroselinux eastgranby k12 ct us> wrote:
> > On Fri, 2006-04-07 at 21:24 -0400, mroselinux eastgranby k12 ct us
> > wrote:
> >> As I indicated in a previous message, I am migrating a samba server from
> >> FC3 to FC5 and have run into another SELINUX policy issue.  I have a
> >> second hard drive with a single ext3 partition that I primarly use for
> >> backups.  It is labeled /backup.  I did a mkdir /backup and entered the
> >> appropriate line into fstab.  When I reboot, I get the following
> >>
> >> -----------------------------------------------------------------------
> >>
> >> Apr  7 21:08:11 localhost kernel: audit(1144458480.400:2): avc:  denied
> >> {
> >> getattr } for  pid=2036 comm="hald" name="/" dev=hdb1 ino=2
                                                   ^^^^^              
        ^^^^^

> > [medieval chaucer ~]$ ls -Zd /mnt/hdb1
> > drwxr-xr-x  root     root     system_u:object_r:root_t         /mnt/hdb1
> >


Ok what is your system layout?

>From what I can tell in the below.. your VolGroup00-LogVol00 is
probably on /dev/hdb1 but it is hard to tell..

> [root localhost ~]# df
> Filesystem           1K-blocks      Used Available Use% Mounted on
> /dev/mapper/VolGroup00-LogVol00
>                       17775388   2423964  14433920  15% /
> /dev/hda1               101086     14054     81813  15% /boot
> /dev/hdb1             19243740    176288  18089900   1% /backup
> tmpfs                   257324         0    257324   0% /dev/shm

Could you try the following and send the output:

fdisk -l /dev/hda
fdisk -l /dev/hdb

That will help clear up any confusion.


Next what does the command

audit2allow -i /var/log/messages

show in its output?

I think you may be having multiple problems here.. and you will need
to not literally take instructions from the list because we dont have
your exact layout. In the case of the email from Bob, he was showing
you what he needed to do on his system.. but that doesnt mean your
system will match.

Have you done a complete relabel of the system after booting? I found
I needed to do this with my one FC3->FC5 system but not the other.


> [root localhost ~]# ls -Zd /backup
> drwxr-xr-x  root     root     system_u:object_r:file_t         /backup
> [root localhost ~]# restorecon /backup
> [root localhost ~]# ls -Zd /backup
> drwxr-xr-x  root     root     system_u:object_r:default_t      /backup
> [root localhost ~]# chcon -t root_t /backup
> [root localhost ~]# ls -Zd /backup
> drwxr-xr-x  root     root     system_u:object_r:root_t         /backup
> [root localhost ~]#
>
> After the chcon and rebooting the system, the HAL denied messages did not
> occur.  I still have more experimenting to do with data under /backup.
>
> Regards,
> Mark
>
>
>
>
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list redhat com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>


--
Stephen J Smoogen.
CSIRT/Linux System Administrator

References:
- [FC5] New Partition help
  - From: mroselinux
- Re: [FC5] New Partition help
  - From: Bob Kashani
- Re: [FC5] New Partition help
  - From: mroselinux

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]