[FC5] New Partition help

Stephen J. Smoogen smooge at gmail.com
Sun Apr 9 17:35:26 UTC 2006 

On 4/8/06, mroselinux at eastgranby.k12.ct.us
<mroselinux at eastgranby.k12.ct.us> wrote:
> > On Fri, 2006-04-07 at 21:24 -0400, mroselinux at eastgranby.k12.ct.us
> > wrote:
> >> As I indicated in a previous message, I am migrating a samba server from
> >> FC3 to FC5 and have run into another SELINUX policy issue.  I have a
> >> second hard drive with a single ext3 partition that I primarly use for
> >> backups.  It is labeled /backup.  I did a mkdir /backup and entered the
> >> appropriate line into fstab.  When I reboot, I get the following
> >>
> >> -----------------------------------------------------------------------
> >>
> >> Apr  7 21:08:11 localhost kernel: audit(1144458480.400:2): avc:  denied
> >> {
> >> getattr } for  pid=2036 comm="hald" name="/" dev=hdb1 ino=2
                                                   ^^^^^              
        ^^^^^

> > [medieval at chaucer ~]$ ls -Zd /mnt/hdb1
> > drwxr-xr-x  root     root     system_u:object_r:root_t         /mnt/hdb1
> >


Ok what is your system layout?

>From what I can tell in the below.. your VolGroup00-LogVol00 is
probably on /dev/hdb1 but it is hard to tell..

> [root at localhost ~]# df
> Filesystem           1K-blocks      Used Available Use% Mounted on
> /dev/mapper/VolGroup00-LogVol00
>                       17775388   2423964  14433920  15% /
> /dev/hda1               101086     14054     81813  15% /boot
> /dev/hdb1             19243740    176288  18089900   1% /backup
> tmpfs                   257324         0    257324   0% /dev/shm

Could you try the following and send the output:

fdisk -l /dev/hda
fdisk -l /dev/hdb

That will help clear up any confusion.


Next what does the command

audit2allow -i /var/log/messages

show in its output?

I think you may be having multiple problems here.. and you will need
to not literally take instructions from the list because we dont have
your exact layout. In the case of the email from Bob, he was showing
you what he needed to do on his system.. but that doesnt mean your
system will match.

Have you done a complete relabel of the system after booting? I found
I needed to do this with my one FC3->FC5 system but not the other.


> [root at localhost ~]# ls -Zd /backup
> drwxr-xr-x  root     root     system_u:object_r:file_t         /backup
> [root at localhost ~]# restorecon /backup
> [root at localhost ~]# ls -Zd /backup
> drwxr-xr-x  root     root     system_u:object_r:default_t      /backup
> [root at localhost ~]# chcon -t root_t /backup
> [root at localhost ~]# ls -Zd /backup
> drwxr-xr-x  root     root     system_u:object_r:root_t         /backup
> [root at localhost ~]#
>
> After the chcon and rebooting the system, the HAL denied messages did not
> occur.  I still have more experimenting to do with data under /backup.
>
> Regards,
> Mark
>
>
>
>
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>


--
Stephen J Smoogen.
CSIRT/Linux System Administrator

More information about the fedora-selinux-list mailing list