Re: SELinux blocks access to device files when booting 2.6.32.* kernels (fc12) [SOLVED]

On Mon, May 24, 2010 at 7:34 AM, Daniel J Walsh wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 05/23/2010 02:32 PM, Karl-Michael Schneider wrote: >> On Sat, May 22, 2010 at 06:05 AM, Tim wrote: >> >>> On Fri, 2010-05-21 at 17:19 -0700, Karl-Michael Schneider wrote: >>> # ker

Re: SELinux blocks access to device files when booting 2.6.32.* kernels (fc12)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/23/2010 02:32 PM, Karl-Michael Schneider wrote: > On Sat, May 22, 2010 at 06:05 AM, Tim wrote: > >> On Fri, 2010-05-21 at 17:19 -0700, Karl-Michael Schneider wrote: >> >>> # kernel-2.6.32.12-115.fc12 in single user mode >>> $ ls -lZ /dev >>> cr

Re: SELinux blocks access to device files when booting 2.6.32.* kernels (fc12)

On Sat, May 22, 2010 at 06:05 AM, Tim wrote: > On Fri, 2010-05-21 at 17:19 -0700, Karl-Michael Schneider wrote: > >> # kernel-2.6.32.12-115.fc12 in single user mode >> $ ls -lZ /dev >> crw---. root root system_u:object_r:unlabeled_t:s0 agpgart >> drwxr-xr-x. root root system_u:object_r:unlabe

Re: SELinux blocks access to device files when booting 2.6.32.* kernels (fc12)

On Fri, 2010-05-21 at 17:19 -0700, Karl-Michael Schneider wrote: > # kernel-2.6.32.12-115.fc12 in single user mode > $ ls -lZ /dev > crw---. root root system_u:object_r:unlabeled_t:s0 agpgart > drwxr-xr-x. root root system_u:object_r:unlabeled_t:s0 block > drwxr-xr-x. root root system_u:object

Re: SELinux blocks access to device files when booting 2.6.32.* kernels (fc12)

On Fri, May 21, 2010 at 12:37 PM, Daniel J Walsh wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > ls -lZ /dev > -BEGIN PGP SIGNATURE- > Version: GnuPG v2.0.14 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkv24OgACgkQrlYvE4MpobNQzg

Re: SELinux blocks access to device files when booting 2.6.32.* kernels (fc12)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ls -lZ /dev -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkv24O0ACgkQrlYvE4MpobNAPgCfQ2aPY5slIPABmtPEBf4fFd3x ic8An3NTKNlDKiLUi/9OJQ/HY1amf7hV =3RY7 -EN

Re: SELinux blocks access to device files when booting 2.6.32.* kernels (fc12)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ls -lZ /dev -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkv24OgACgkQrlYvE4MpobNQzgCg0DGF1uq/TTuEgXQDbRSJNrMA 7qwAoM0Ei47mc5dwmushd5eNQikmGs0H =X602 -EN

Re: SELinux blocks access to device files when booting 2.6.32.* kernels (fc12)

On Fri, May 21, 2010 at 4:30 AM, Daniel J Walsh wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 05/21/2010 03:03 AM, Karl-Michael Schneider wrote: >> I did some more debugging: booted both kernels in single user mode, >> then listed the security contexts in /dev: >> >> kernel-2.6.3

Re: SELinux blocks access to device files when booting 2.6.32.* kernels (fc12)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/21/2010 03:03 AM, Karl-Michael Schneider wrote: > I did some more debugging: booted both kernels in single user mode, > then listed the security contexts in /dev: > > kernel-2.6.31.12-174.2.22.fc12: > $ ls -Zd /dev > drwxr-xr-x. root root system

Re: SELinux blocks access to device files when booting 2.6.32.* kernels (fc12)

I did some more debugging: booted both kernels in single user mode, then listed the security contexts in /dev: kernel-2.6.31.12-174.2.22.fc12: $ ls -Zd /dev drwxr-xr-x. root root system_u:object_r:device_t:s0/dev files in /dev are labeled according to /etc/selinux/targeted/contexts/files/file_

SELinux blocks access to device files when booting 2.6.32.* kernels (fc12)

I cannot boot any 2.6.32.* kernel, right after udev is started I see console messages like ln: creating symbolic link "/dev/fd": Permission denied and then booting is very slow and mounting the local file systems fails. I believe it is a problem with SELinux because when I add enforcing=0 to the