tags 597403 wontfix
thanks
On Mon, Sep 20, 2010 at 12:55:35AM +1000, Russell Coker wrote:
> On Mon, 20 Sep 2010, Bastian Blank <[email protected]> wrote:
> > Please check if there is still a mknod permission for Xen related parts
> > in the selinux policy.
> There is still mknod. Not sure if it's needed though, I'll have to check.
At least not from anything in Squeeze.
> > My interpretation is: udev needs to change the context for already
> > existing files the same way it does with the DAC permissions. udev
> > _still_ gets it hands on the devices, otherwise all the permissions
> > would be wrong.
> Device nodes that existed prior to udev starting are correctly labeled. It's
> the ones that appear unexpectedly that cause this problem.
Kay acknowledged this as a bug in udev. See the referenced thread for a
patch.
> > If selinux can't cope with devtmpfs, don't use it.
> How do I not use devtmpfs?
Ask udev/initramfs-tools not to use.
> > As you don't seem to know that, please discuss that under
> > mass-bugfilling rules. Also yoo have to discuss that with the release
> > team, we are in deep freeze right now.
> Having done a reasonable amount of testing and not discovered any other such
> packages and having not seen any reference to the same problem in other
> packages by the Red Hat people it seems unlikely that there will be many bug
> reports needed.
Sorry, I have to decline before you did that. The change proposed by you
invalidates parts of the udev behaviour.
Bastian
--
Extreme feminine beauty is always disturbing.
-- Spock, "The Cloud Minders", stardate 5818.4
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
