Gentoo Forums
SELinux: /var/run symlink issue
krotuss
Posted: Sat May 07, 2016 3:47 pm    Post subject: SELinux: /var/run symlink issue

Hi,
I have issues with incorrectly labeled files and directories in /var/run. Take /var/run/udev for example:
Code:
ls -dZ /var/run/udev/
system_u:object_r:tmpfs_t /var/run/udev/

even though it is supposed to be system_u:object_r:udev_var_run_t and correct file context rules are installed:
Code:
semanage fcontext -l | grep /var/run/udev
/var/run/udev(/.*)?                                all files          system_u:object_r:udev_var_run_t
/var/run/udev-configure-printer(/.*)?              all files          system_u:object_r:cupsd_config_var_run_t
/var/run/udev/data(/.*)?                           all files          system_u:object_r:udev_tbl_t
/var/run/udev/rules\.d(/.*)?                       all files          system_u:object_r:udev_rules_t

I suspect that this is because /var/run is a symlink to /run. I had found some mention about it here, but that post is fairly old. Does anybody know how to solve this problem? Thanks
krotuss
Posted: Sat May 07, 2016 9:57 pm

Hmm, restorecon -r /var/run fixed it. Does anybody know why running rlpkg didn't work?

EDIT:

Bit of an update, hope it will help somebody:
rlpkg doesn't work because it deals with package-owned files, while /var/run/* is created at runtime. For the same reason, restorecon -r /var/run doesn't persist across a reboot. The problem is caused by the context of the process that creates /var/run/udev, which is not initrc_t (/etc/init.d/udev) but probably /lib64/rc/bin/checkpath. When I delete /var/run/udev at runtime and issue /etc/init.d/udev restart, /var/run/udev gets created with the proper context. This was discussed, again, in the past.
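The mismatch described in this thread can be checked offline from the two command outputs quoted in the first post. The following is an added example, not part of the original posts: the function names are hypothetical, and picking the rule with the longest literal prefix is a simplifying assumption, not libselinux's full ordering.

```python
import re

# Constructed sample: the `semanage fcontext -l` lines quoted in the first post.
FCONTEXT_LISTING = r"""
/var/run/udev(/.*)?                                all files          system_u:object_r:udev_var_run_t
/var/run/udev-configure-printer(/.*)?              all files          system_u:object_r:cupsd_config_var_run_t
/var/run/udev/data(/.*)?                           all files          system_u:object_r:udev_tbl_t
/var/run/udev/rules\.d(/.*)?                       all files          system_u:object_r:udev_rules_t
"""
# Constructed sample: the `ls -dZ` output quoted in the first post.
LS_Z_LINE = "system_u:object_r:tmpfs_t /var/run/udev/"

META = re.compile(r"[.^$?*+|\[\](){}\\]")  # regex metacharacters

def parse_rules(listing):
    """Return (pattern, context) pairs from `semanage fcontext -l` text."""
    rules = []
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[0].startswith("/"):
            rules.append((fields[0], fields[-1]))
    return rules

def literal_prefix_len(pattern):
    """Length of the pattern before its first regex metacharacter."""
    m = META.search(pattern)
    return m.start() if m else len(pattern)

def expected_context(path, rules):
    """Context of the matching rule with the longest literal prefix (assumption)."""
    path = path.rstrip("/") or "/"
    hits = [(literal_prefix_len(p), ctx) for p, ctx in rules
            if re.fullmatch(p, path)]  # file-context patterns match the whole path
    return max(hits, key=lambda h: h[0])[1] if hits else None

def check_label(ls_line, rules):
    """Compare one `ls -dZ` line against the rule set."""
    actual, path = ls_line.split(None, 1)
    expected = expected_context(path.strip(), rules)
    return {"path": path.strip(), "actual": actual, "expected": expected,
            "mislabeled": expected is not None and actual != expected}

if __name__ == "__main__":
    print(check_label(LS_Z_LINE, parse_rules(FCONTEXT_LISTING)))
```

On a live SELinux system, `matchpathcon -V /var/run/udev` performs the same comparison against the loaded policy's file contexts.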