SELinux AVCs with swap stored in LVM volume
Alasdair G Kergon
agk at redhat.com
Fri Nov 18 22:14:48 UTC 2005
On Mon, Oct 31, 2005 at 10:55:34AM -0500, Stephen Smalley wrote:
> On Mon, 2005-10-31 at 09:47 -0500, Daniel J Walsh wrote:
> > The fd:use and blk_file read is caused by a kernel bug
> I think it may be a lvm bug rather than a kernel bug, so you may want to
> re-assign it in bugzilla. Note that anything that runs prior to initial
> policy load by /sbin/init or anything that runs as a usermode helper
> from the kernel without a domain transition defined will run with type
> kernel_t.
Turned out to be a known bug in nash.
nash is a tiny shell used in the initrd and it sometimes appears to
not to close the swap device before execing /sbin/init.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169427
# lsof
...
init 1 root 53r BLK 8,5 935 /dev/sda5
Patches gratefully received:-)
Alasdair
--
agk at redhat.com
More information about the fedora-selinux-list
mailing list