On Wed, 21 Apr 2004 01:45:10 +1000, Russell Coker said:
It seems that my lvm patch was messed up, I didn't have the
latest version.
I've attached a new lvm.te that is correct.
Still needs some work:
# cd /
# /sbin/lvm lvcreate -n LogVol06 -L 2048M Volume00
/var/lock/lvm/V_Volume00: open failed: Permission denied
Can't get lock for Volume00
#
And these avc message:
Apr 20 16:23:51 orange kernel: audit(1082492631.510:0): avc: denied { getattr } for
pid=3575 exe=/sbin/lvm.static path=/var/lock/lvm dev=dm-5 ino=12289
scontext=root:system_r:lvm_t tcontext=system_u:object_r:lvm_lock_t tclass=dir
Apr 20 16:23:51 orange kernel: audit(1082492631.511:0): avc: denied { read write search
} for pid=3575 exe=/sbin/lvm.static name=lvm dev=dm-5 ino=12289
scontext=root:system_r:lvm_t tcontext=system_u:object_r:lvm_lock_t tclass=dir
Apr 20 16:23:51 orange kernel: audit(1082492631.511:0): avc: denied { search } for
pid=3575 exe=/sbin/lvm.static name=lvm dev=dm-5 ino=12289 scontext=root:system_r:lvm_t
tcontext=system_u:object_r:lvm_lock_t tclass=dir
Apr 20 16:23:51 orange kernel: audit(1082492631.513:0): avc: denied { getattr } for
pid=3575 exe=/sbin/lvm.static name=/ dev=dm-5 ino=2 scontext=root:system_r:lvm_t
tcontext=system_u:object_r:fs_t tclass=filesystem
(Yes, breaking stuff like this is part of my job :)