On Fri, 2006-04-07 at 21:24 -0400, mroselinux(a)eastgranby.k12.ct.us
wrote:
> As I indicated in a previous message, I am migrating a samba server from
> FC3 to FC5 and have run into another SELINUX policy issue. I have a
> second hard drive with a single ext3 partition that I primarly use for
> backups. It is labeled /backup. I did a mkdir /backup and entered the
> appropriate line into fstab. When I reboot, I get the following
>
> -----------------------------------------------------------------------
>
> Apr 7 21:08:11 localhost kernel: audit(1144458480.400:2): avc: denied
> {
> getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2
> scontext=system_u:system_r:hald_t:s0
> tcontext=system_u:object_r:file_t:s0
> tclass=dir
> Apr 7 21:08:11 localhost kernel: audit(1144458480.444:3): avc: denied
> {
> getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2
> scontext=system_u:system_r:hald_t:s0
> tcontext=system_u:object_r:file_t:s0
> tclass=dir
> Apr 7 21:08:11 localhost kernel: audit(1144458480.516:4): avc: denied
> {
> getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2
> scontext=system_u:system_r:hald_t:s0
> tcontext=system_u:object_r:file_t:s0
> tclass=dir
>
> --------------------------------------------------------------------------
>
> What do I need to do to support the /backup partition with SELINUX?
I have the same setup. :) Mine is labeled root_t it seems.
[medieval@chaucer ~]$ ls -Zd /mnt/hdb1
drwxr-xr-x root root system_u:object_r:root_t /mnt/hdb1
Try this:
chcon -t root_t /mnt/hdb1
See if that helps. You can also do a "restorecon -R /mnt/hdb1" too I
think.
Bob
--
Bob Kashani
http://www.gnome.org/~bobk/
Hi Bob,
Thanks for the reply. My setup must be somewhat different from yours
because my second HD is /dev/hdb2. In any event, here is screen copy of
what I tried.
[root@localhost ~]# ls -Zd /mnt/hdb1
ls: /mnt/hdb1: No such file or directory
[root@localhost ~]# ls -Zd /mnt/hdb1
ls: /mnt/hdb1: No such file or directory
[root@localhost ~]# ls -Zd /dev/hdb1
brw-r----- root disk system_u:object_r:fixed_disk_device_t /dev/hdb1
[root@localhost ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
17775388 2423964 14433920 15% /
/dev/hda1 101086 14054 81813 15% /boot
/dev/hdb1 19243740 176288 18089900 1% /backup
tmpfs 257324 0 257324 0% /dev/shm
[root@localhost ~]# ls -Zd /backup
drwxr-xr-x root root system_u:object_r:file_t /backup
[root@localhost ~]# restorecon /backup
[root@localhost ~]# ls -Zd /backup
drwxr-xr-x root root system_u:object_r:default_t /backup
[root@localhost ~]# chcon -t root_t /backup
[root@localhost ~]# ls -Zd /backup
drwxr-xr-x root root system_u:object_r:root_t /backup
[root@localhost ~]#
After the chcon and rebooting the system, the HAL denied messages did not
occur. I still have more experimenting to do with data under /backup.
Regards,
Mark