Date: Wed, 2 Jun 2004 21:48:10 +0400
To: linux-kernel@vger.kernel.org
Subject: 2.6.7-rc2: open() hangs on ReiserFS with SELinux enabled
Message-ID: <20040602174810.GA31263@school.ioffe.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
User-Agent: Mutt/1.3.28i
From: mitya@school.ioffe.ru (Dmitry Baryshkov)
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1521
Lines: 33

Hello,

I tried enabling SELinux on my Linux-box, using ReiserFS as /, kernel
2.6.7-rc2.

After relabeling and rebooting in non-enforcing mode everything worked
well, exept the fact, that new files on reiserfs filesystems don't get
security attributes.

So I added 'fs_use_xattr reiserfs system_u:object_r:fs_t;' to the policy,
rebooted and found, that mount hangs during opening of /etc/mtab~<pid>
(even in non-enforcing mode).

If I remove that line from SELinux policy, systems boots up OK.

Here are last lines from #strace mount / -o remount :

=== Cut ===
open("/etc/mtab~202", O_WRONLY|O_CREAT|O_LARGEFILE, 0600audit(1085949484.378:0): avc:  denied  { write } for  pid=202 exe=/bin/mount name=etc dev=hda5 ino=91 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:etc_t tclass=dir
audit(1085949484.378:0): avc:  denied  { add_name } for  pid=202 exe=/bin/mount name=etc dev=hda5 ino=91 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:etc_t tclass=dir
audit(1085949484.378:0): avc:  denied  { create } for  pid=202 exe=/bin/mount name=mtab~202 dev=hda5 ino=91 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:etc_t tclass=file
=== Cut ===

Tell me, if I need to provide any additional info.

-- 
With best wishes
Dmitry Baryshkov
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/