Unable to create swapfiles....

[Daniel B. Thurman]

Hi Daniel J Walsh,

I have read the previous posts regarding creating swapfiles
and SELinux refuses to allow it.

The steps to create a swapfile is:

1) dd if=/dev/zero of=/swapfile bs=1024 count=<SWAP-SIZE>
1.5) New step: chcon -t swapfile_t /swapfile
2) mkswap /swapfile
3) swapon /swapfile
4) Add entry to fstab

All of this is per Redhat's documention - which is old.

But with the inclusion of SELinux, a new security context
of swapfile_t was added, and supposedly added to mkswap
as well - and I have have the latest YUM updates since I am
testing with FC5-T3 and I have done (1.5) above but when doing
(2) I get a "relabel" denial with the message:

> mkswap /swapfile
mkswap: unable to relabel /swapfile to swapfile_t: Permission denied

/var/log/audit/audit.log shows:

type=AVC msg=audit(1141837284.182:194): avc:  denied  { ioctl } for  pid=3948 comm="mkswap" name="swapfile" dev=hda7 ino=107915 scontext=root:system_r:fsadm_t:s0-s0:c0.c255 tcontext=root:object_r:swapfile_t:s0 tclass=file
type=SYSCALL msg=audit(1141837284.182:194): arch=40000003 syscall=54 success=no exit=-13 a0=3 a1=1260 a2=bf9c1ed0 a3=bf9c39fb items=0 pid=3948 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="mkswap" exe="/sbin/mkswap"
type=AVC_PATH msg=audit(1141837284.182:194):  path="/swapfile"
type=AVC msg=audit(1141837284.238:195): avc:  denied  { relabelfrom } for  pid=3948 comm="mkswap" name="swapfile" dev=hda7 ino=107915 scontext=root:system_r:fsadm_t:s0-s0:c0.c255 tcontext=root:object_r:swapfile_t:s0 tclass=file
type=SYSCALL msg=audit(1141837284.238:195): arch=40000003 syscall=228 success=no exit=-13 a0=3 a1=250f66f a2=804a434 a3=b items=0 pid=3948 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="mkswap" exe="/sbin/mkswap"

Please let me know what solution is needed!

Kind regards,
Dan