Bootup avc, "systemd-tmpfile" important?

Daniel J Walsh dwalsh at redhat.com
Mon Apr 30 17:24:08 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/29/2012 12:17 PM, Dominick Grift wrote:
> On Sun, 2012-04-29 at 12:32 +0100, Frank Murphy wrote:
>> On 29/04/12 11:45, Dominick Grift wrote:
>>> 
>>> Not important i believe, but this is something that should be fixed i 
>>> guess.
>>> 
>>> systemd-tmpfiles is trying to change the context (/dev/lp2) where it
>>> is not needed. Does not seem very efficient to me.
>>> 
>>> Is that location mentioned anywhere in /etc/tmpfiles.d?
>>> 
>> 
>> No, and they're breeding, the avc's cover lp0, lp1,lp2,lp3,lp4
>> 
>> 
> 
> I would say that this is a bug in a systemd-tmpfiles configuration file 
> that some package includes.
> 
> Because i do not think systemd-tmpfiles should set device node labels, and
> even if it should it should probably check first to see if setting it is
> even needed.
> 
> In the case you enclosed, it is trying to set a context the same as the 
> device nodes current context. (e.g. redundant)
> 
> So imho this isnt a selinux-policy bug but a instead it is a bug in a 
> systemd-tmpfiles configuration file. I could be wrong about that though.
> 
> 
> -- selinux mailing list selinux at lists.fedoraproject.org 
> https://admin.fedoraproject.org/mailman/listinfo/selinux

Yes please open a bug on systemd to check if a context is the same as the
context it is going to set, and then don't set it.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk+eyrgACgkQrlYvE4MpobN9IACgsCMojHoZ8yqx0c2AeCWDx81R
0wUAn06hx5w4ajg43lSmYNUMDazA7ydU
=oQwC
-----END PGP SIGNATURE-----


More information about the selinux mailing list