selinux + vfat problem
T. Horsnell (tsh)
tsh at mrc-lmb.cam.ac.uk
Wed Dec 8 15:07:47 UTC 2004
I'm running a rebuilt stripped-down kernel and have hit
a problem with selinux and vfat on USB devices.
If I plug in, say, a USB memorystick with a vfat filesystem
on it, selinux moans thus (from /var/log/messages):
Dec 8 14:32:55 prox-12 kernel: usb 1-1: new full speed USB device using address 10
Dec 8 14:32:55 prox-12 kernel: scsi8 : SCSI emulation for USB Mass Storage devices
Dec 8 14:32:55 prox-12 kernel: Vendor: Kingston Model: DataTraveler2.0 Rev: 4.70
Dec 8 14:32:55 prox-12 kernel: Type: Direct-Access ANSI SCSI revision: 02
Dec 8 14:32:56 prox-12 kernel: SCSI device sdb: 239872 512-byte hdwr sectors (123 MB)
Dec 8 14:32:56 prox-12 kernel: sdb: assuming Write Enabled
Dec 8 14:32:56 prox-12 kernel: sdb: assuming drive cache: write through
Dec 8 14:32:56 prox-12 kernel: sdb: sdb1
Dec 8 14:32:56 prox-12 kernel: Attached scsi removable disk sdb at scsi8, channel 0, id 0, lun 0
Dec 8 14:32:56 prox-12 scsi.agent[5745]: disk at /devices/pci0000:00/0000:00:1f.2/usb1/1-1/1-1:1.0/host8/8:0:0:0
Dec 8 14:32:58 prox-12 fstab-sync[5823]: added mount point /media/KINGSTON1 for /dev/sdb1
Dec 8 14:32:58 prox-12 kernel: SELinux: fscontext option is invalid for this filesystem type
--------------------------------^^^^^^^^^^^^^^^^^^^^
and the filesystem doesnt mount.
It will, however, let me mount it manually (as root) and then gives me
the log message:
Dec 8 14:33:21 prox-12 kernel: SELinux: initialized (dev sdb1, type vfat), uses genfs_contexts
--------------------------------^^^^^^^^^^^^^^^^^^^^
An icon then appears on the desktop and I can manipulate the filesystem
in the normal ways.
I must have missed some kernel config option, but which one?
Any ideas out there?
Incidentally, the kernel-source script scrips/extract-ikconfig doesnt
seem to work, even tho I config'd it (CONFIG_IKCONFIG_PROC=y):
[root at fw1 linux-2.6.9]$ scripts/extract-ikconfig arch/i386/boot/bzImage
ERROR: Unable to extract kernel configuration information.
This kernel image may not have the config info.
but the kernel does indeed contain the config info because it's readable
from /proc/config.gz after booting.
Cheers,
Terry.
More information about the fedora-list
mailing list