sharing a partition betweed FC3 and FC5

[Stephen Smalley]

On Sun, 2006-08-06 at 19:26 +0100, Paul Howarth wrote:
> On Sun, 2006-08-06 at 01:38 -0400, D. Hugh Redelmeier wrote:
> > [I sent this to fedora-list at redhat.com a couple of minutes ago.  I 
> > apologize for cross-posting.]
> > 
> > I installed 32-bit Fedora Core 5 on an Athlon-64 box.  I intended this
> > installation to co-exist with a 64-bit Fedora Core 3 installation.
> > The two installations share a /home ext3 partition and the swap partition.
> > This is often how I do upgrades: a dual boot system with both old and
> > new bootable.
> > 
> > The problem is that the FC5 installation did something to
> > the /home partition that prevents the FC3 from mounting it.
> > 
> > When I manually try a mount of /home from FC3, the useless
> > mount-failure message is preceded by these messages.  I think that
> > they are the key:
> > 
> >     inode_doinit_with_dentry:  context_to_sid(system_u:object_r:home_root_t:s0) returned 22 for dev=hda5 ino=2
> >     inode_doinit_with_dentry:  context_to_sid(system_u:object_r:home_root_t:s0) returned 22 for dev=hda5 ino=2
> > 
> > (In dmesg, these two messages were preceded by these that might be relevant:
> >     kjournald starting.  Commit interval 5 seconds
> >     EXT3 FS on hda5, internal journal
> >     EXT3-fs: mounted filesystem with ordered data mode.
> >     SELinux: initialized (dev hda5, type ext3), uses xattr
> > )
> > 
> > (The useless mount failure message is:
> >   mount: wrong fs type, bad option, bad superblock on /dev/hda5
> >          or too many mounted file systems
> >  This message is disgracefully non-specific.)
> > 
> > I think that this is a problem with SELinux.  The following thread
> > looks relevant but unhelpful:
> >   http://www.redhat.com/archives/fedora-selinux-list/2006-April/msg00002.html
> > It provides a solution (I hope) for FC4 but FC3 would not have such an update.
> 
> I think you're right; the underlying issue is that FC5 file contexts
> have 4 parts and FC4 and earlier have 3 parts (the extra part being for
> MLS). The fix for FC4 was to apply a patch so that the kernel could deal
> with (though probably not use) the MLS part. With FC3 now supported by
> the Fedora Legacy project, who only usually do updates for security
> issues, I think the chances of this getting fixed by them for FC3 are
> slim to none.
> 
> You might be able to find the MLS patch in the FC4 kernel and see if you
> could get it to apply on the FC3 kernel though.
> 
> > I tried using enforcing=0 on the FC3 kernel command line, but nothing changed.
> > 
> > I thought ext3 was compatible between Fedora releases.  Unfortunately,
> > SELinux seems to have made things a lot more brittle.
> > 
> > ==> Is there something simple that I can do to allow the existing
> >     /home ext3 partition to be shared between FC3 and FC5?
> 
> Can't think of any offhand.

Unfortunately, aside from patching your FC3 kernel and rebuilding it, I
think your only option is to disable SELinux for FC3 altogether, i.e.
boot it with selinux=0 or set SELINUX=disabled in /etc/selinux/config.  

-- 
Stephen Smalley
National Security Agency