[Linux-users] fstab - selinux

Rick Sivernell res005ru
Thu Aug 2 12:50:35 PDT 2007 

all


  I guess I need some educationg here.
Problem:
In building some libraries for use in a program, I find that ldconfig does not insert the requested libs' into the cache, and installing the patjh into /etc/ld.so.conf does not help
when I start my program. I get the following:
error while loading shared libraries: libregistryD.so: cannot open shared object file: No such file or directory. 

The library is built and installed into the directory where it is required to be.

A second indication of the problem, now this may be part of it or not, is that when I use samba and try to access the shared directory from M$, I get a Selinux warning, as follows:
Summary
    SELinux is preventing access to files with the label, file_t.

Detailed Description
    SELinux permission checks on files labeled file_t are being denied.  file_t
    is the context the SELinux kernel gives to files that do not have a label.
    This indicates a serious labeling problem. No files on an SELinux box should
    ever be labeled file_t. If you have just added a new disk drive to the
    system you can relabel it using the restorecon command.  Otherwise you
    should relabel the entire files system.

Allowing Access
    You can execute the following command as root to relabel your computer
    system: "touch /.autorelabel; reboot"

Additional Information        

Source Context                user_u:system_r:ldconfig_t
Target Context                system_u:object_r:file_t
Target Objects                / [ dir ]
Affected RPM Packages         glibc-2.6-4 [application]filesystem-2.4.6-1.fc7
                              [target]
Policy RPM                    selinux-policy-2.6.4-29.fc7
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.file
Host Name                     RSivernell.sivernell.net
Platform                      Linux RSivernell.sivernell.net
                              2.6.20-2925.11.fc7xen #1 SMP Mon Jun 11 16:18:59
                              EDT 2007 x86_64 x86_64
Alert Count                   10
First Seen                    Mon 30 Jul 2007 02:25:52 PM CDT
Last Seen                     Tue 31 Jul 2007 07:11:23 AM CDT
Local ID                      2e053579-09f0-4052-940d-a750ba357b3b
Line Numbers                  

Raw Audit Messages            

avc: denied { search } for comm="ldconfig" dev=sdb3 egid=0 euid=0
exe="/sbin/ldconfig" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="/" pid=24252
scontext=user_u:system_r:ldconfig_t:s0 sgid=0 subj=user_u:system_r:ldconfig_t:s0
suid=0 tclass=dir tcontext=system_u:object_r:file_t:s0 tty=(none) uid=0


The interesting thing here is that the libraries that I want to include in ldconfig are on /dev/sdb3 partition.

When I installed the Fedora 7 on this system, I had only one hard drive and have add a second hard drive. The first drive is labeled as below in /etc/fstab
/dev/sda1
LABEL=/1                /                       ext3  .....
...
...
/dev/sdb3
/dev/sdb3               /swdev                  ext3  .....

[root at RSivernell ~]# more /proc/partitions
major minor  #blocks  name

   8     0  293036184 sda
   8     1   20482843 sda1
   8     2   79513717 sda2
   8     3   40957717 sda3
   8     4          1 sda4
   8     5   30716248 sda5
   8     6   20482843 sda6
   8     7   20482843 sda7
   8     8   20482843 sda8
   8     9   20482843 sda9
   8    10   15358108 sda10
   8    11   10241406 sda11
   8    12   10241406 sda12
   8    13    2048256 sda13
   8    14    1534176 sda14
   8    16  390711384 sdb
   8    17   29302528 sdb1
   8    18   19543072 sdb2
   8    19   48837600 sdb3
   8    20          1 sdb4
   8    21   19543041 sdb5
   8    22   19543041 sdb6
   8    23   29302528 sdb7
[root at RSivernell ~]# blkid
/dev/sda14: LABEL="SWAP-sda14" TYPE="swap"
/dev/sda13: LABEL="/tmp" UUID="236ea2e0-5dd3-4d71-a5ba-5b28a240108a" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda12: LABEL="/repository" UUID="70684f99-09cb-4d9d-90aa-36426dff2b08" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda11: LABEL="/data" UUID="4edfd436-67c3-4363-a43d-2244960d0eda" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda10: LABEL="/usr/local" UUID="f238b923-dda6-4d34-be5c-159e83be784c" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda9: LABEL="/home" UUID="a8041df2-ade4-4484-ba42-ebbeaa5b2bdb" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda8: LABEL="/archive" UUID="823aa548-4c40-438e-ad39-4e2cf7db139d" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda7: LABEL="/opt/document" UUID="60ccad8c-caaa-42c2-bc88-02e377ed01c3" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda6: LABEL="/opt/downloads" UUID="fa070470-8c9b-42a9-a1f1-84313bd240c9" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda5: LABEL="/opt" UUID="715526ea-2762-4216-b7be-3cff9c113e33" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda3: UUID="4693-BA64" TYPE="vfat"
/dev/sda2: LABEL="/misc" UUID="3145e518-6f07-44e9-93b4-5fd778005ddf" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda1: LABEL="/1" UUID="27c2b326-23b4-47d4-bd9c-8c1d7864ec1c" SEC_TYPE="ext2" TYPE="ext3"
/dev/sdb1: UUID="478eec69-9985-4749-bb9a-d354b5dcb45f" SEC_TYPE="ext2" TYPE="ext3"
/dev/sdb2: UUID="75271c49-485a-43f6-aa77-7534c2e713e3" SEC_TYPE="ext2" TYPE="ext3"
/dev/sdb3: UUID="80c02a93-d47a-4e2d-b5ed-cae34424196f" SEC_TYPE="ext2" TYPE="ext3"
/dev/sdb7: UUID="c8c9916b-8197-4fd4-9fb6-ca7d788224af" SEC_TYPE="ext2" TYPE="ext3"
/dev/sdb6: UUID="9246aa09-c878-4256-893a-3b4d81e49049" SEC_TYPE="ext2" TYPE="ext3"
/dev/sdb5: UUID="0232453d-e8fa-4483-8973-3614d02e770b" SEC_TYPE="ext2" TYPE="ext3"

Question:
Do I need to fix /etc/fstab to use a label like the /dev/sda1 drive? If so, how do I
perform this repair properly? I have tried to just add LABEL=/swdev, this did not work at all.

or am I chasing a wild goose chase.  Any educating would be appreciated.

System is M2n-SLI-delux w dual AMD FX 4600 DUAL FX with 2 SATA drives using Fedora 7.

-- 
 Rick Sivernell
 Dallas, Texas  75287
 972 306-2296
 res005ru at verizon.net
 Registered Linux User

More information about the Linux-users mailing list