On 4/8/06, mroselinux(a)eastgranby.k12.ct.us
<mroselinux(a)eastgranby.k12.ct.us> wrote:
> On Fri, 2006-04-07 at 21:24 -0400,
mroselinux(a)eastgranby.k12.ct.us
> wrote:
>> As I indicated in a previous message, I am migrating a samba server from
>> FC3 to FC5 and have run into another SELINUX policy issue. I have a
>> second hard drive with a single ext3 partition that I primarly use for
>> backups. It is labeled /backup. I did a mkdir /backup and entered the
>> appropriate line into fstab. When I reboot, I get the following
>>
>> -----------------------------------------------------------------------
>>
>> Apr 7 21:08:11 localhost kernel: audit(1144458480.400:2): avc: denied
>> {
>> getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2
^^^^^
^^^^^
> [medieval@chaucer ~]$ ls -Zd /mnt/hdb1
> drwxr-xr-x root root system_u:object_r:root_t /mnt/hdb1
>
Ok what is your system layout?
From what I can tell in the below.. your VolGroup00-LogVol00 is
probably on /dev/hdb1 but it is hard to tell..
[root@localhost ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
17775388 2423964 14433920 15% /
/dev/hda1 101086 14054 81813 15% /boot
/dev/hdb1 19243740 176288 18089900 1% /backup
tmpfs 257324 0 257324 0% /dev/shm
Could you try the following and send the output:
fdisk -l /dev/hda
fdisk -l /dev/hdb
That will help clear up any confusion.
Next what does the command
audit2allow -i /var/log/messages
show in its output?
I think you may be having multiple problems here.. and you will need
to not literally take instructions from the list because we dont have
your exact layout. In the case of the email from Bob, he was showing
you what he needed to do on his system.. but that doesnt mean your
system will match.
Have you done a complete relabel of the system after booting? I found
I needed to do this with my one FC3->FC5 system but not the other.
[root@localhost ~]# ls -Zd /backup
drwxr-xr-x root root system_u:object_r:file_t /backup
[root@localhost ~]# restorecon /backup
[root@localhost ~]# ls -Zd /backup
drwxr-xr-x root root system_u:object_r:default_t /backup
[root@localhost ~]# chcon -t root_t /backup
[root@localhost ~]# ls -Zd /backup
drwxr-xr-x root root system_u:object_r:root_t /backup
[root@localhost ~]#
After the chcon and rebooting the system, the HAL denied messages did not
occur. I still have more experimenting to do with data under /backup.
Regards,
Mark
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
Stephen J Smoogen.
CSIRT/Linux System Administrator