3Ware raid /dev/tw?? not label at boot
David Highley
dhighley at highley-recommended.com
Sat Apr 20 16:32:40 UTC 2013
"Daniel J Walsh wrote:"
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 04/19/2013 11:36 PM, David Highley wrote:
> > We are seeing a previously fixed issue reoccurring that the device entries,
> > /dev/tw??, are not getting labeled at boot time so smartd is getting
> > blocked. Current policy is: selinux-policy-targeted-3.11.1-91.fc18.noarch
> >
> > Started with the previous version. -- selinux mailing list
> > selinux at lists.fedoraproject.org
> > https://admin.fedoraproject.org/mailman/listinfo/selinux
> >
> What exact devices. The way this works can be racy. The kernel creates a
> device and udev notices the device and relabels it. If smartd notices the
> device before udev fixes it, we can generate an AVC. We might be able to use
> named filetrans, but it can only handle exact matches. If the device number is
> big and random, we have to go back to the race condition where udev fixes the
> label. Currently we do not have named file trans for any tw devices.
They are /dev/tw0 to /dev/twa15. Since we are able to do a restorecon it
is more likely the race condition and that smartd is getting started too
early by systemd. We will submit a bug report against smartd as the
probably need to modify the smartd.service file to had some wait
coordination.
Boot and install times are great. Won't boar all of you with the multi
hour conference room login experience I had last week at work due to IT
management of systems and Windows:-)
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.13 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlFybVwACgkQrlYvE4MpobMfEQCfa3NWbRg9Nxvo4/qF1PoTzHuB
> +F4AnA8cY+r4l45atlQ8yzNBWFKsUg5H
> =j4jD
> -----END PGP SIGNATURE-----
>
More information about the selinux
mailing list