Bug 229789 - Please move /etc/lvm/.cache to its own directory to solve SELinux labeling problems.
Summary: Please move /etc/lvm/.cache to its own directory to solve SELinux labeling pr...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: lvm2
Version: rawhide
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Alasdair Kergon
QA Contact: Brian Brock
URL:
Whiteboard:
Duplicates: 234189
Depends On:
Blocks:
Reported: 2007-02-23 15:04 UTC by Daniel Walsh
Modified: 2007-11-30 22:11 UTC
CC List: 7 users

Fixed In Version: 2.02.23-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-07-19 20:20:47 UTC



Description Daniel Walsh 2007-02-23 15:04:43 UTC
Description of problem:

SELinux protects certain files/directories against tampering by compromised
applications. The way it does this is through the labeling of files. If a file
is removed and recreated in a directory, by default it adopts the label of the
directory. We can write transition rules in SELinux that say when a process
labeled xyz_t creates a file in lvm_etc_t it should get labeled lvm_metadata_t,
but if we do not cover all of the applications that create this file, the file
will get created with the wrong context. This is happening with the /etc/lvm/.cache
file.

If this file was moved to /var/cache/lvm/ or /etc/lvm/cache/, we could then
label the directory lvm_metadata_t and all files created in the directory would
have the correct context.

Comment 1 Alasdair Kergon 2007-02-23 17:01:36 UTC
Only lvm tools should be touching that file.
Should the tools be calling set_selinux_context() like they do elsewhere if they
create the file?
[/var is not necessarily available when this runs while booting whereas /etc is.]

Anyway, I'll consider ways of separating it from the config files: people *are*
free to create additional config files in that directory with names of their
choice (matching a pattern), so those files need to inherit the context
appropriate for config files.

And the .cache file was just a quick 'proof of concept' thing: its format will
change and it might get split into several files.

Comment 2 Daniel Walsh 2007-02-26 14:50:38 UTC
From an SELinux point of view the easiest thing is to put it in a subdirectory.

/etc/lvm/cache would be fine. So read-only config files would go in /etc/lvm and
read/write files in /etc/lvm/cache. Or you could name it whatever you want.

Then we label the files in /etc/lvm lvm_etc_t and the files in /etc/lvm/cache
lvm_cache_t. Adding SELinux awareness to lvm tools is not necessary and would
involve giving them additional privs that they do not need now.

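The description and Comment 2 rest on two labeling rules: a newly created file inherits the type of its parent directory unless a type_transition rule for that (creator domain, directory type) pair says otherwise. The following is an added example, not code from the bug report or from lvm2, that models those two rules in plain Python so the difference between the two layouts can be checked. The types lvm_etc_t, lvm_metadata_t and lvm_cache_t come from the thread; the creator domains lvm_t and unknown_t, and the transition table, are assumptions made for the illustration.

```python
"""Toy model of how SELinux labels a newly created file.

Added example, not part of the bug report or of lvm2. It implements:
  1. default: a new file gets the type of its parent directory;
  2. override: a type_transition rule keyed on (creator domain, parent
     directory type) assigns a different type.
Real policy has more inputs (object class, name-based transitions), but
these two rules are all the discussion in the thread depends on.
"""

# Directory labels, in the spirit of a file_contexts table. The most
# specific (longest) matching prefix wins, as restorecon would apply it.
# lvm_etc_t and lvm_cache_t are the types proposed in the thread.
DIR_LABELS = {
    "/etc/lvm": "lvm_etc_t",
    "/etc/lvm/cache": "lvm_cache_t",
}

# type_transition rules: (creator domain, parent dir type) -> new file type.
# Only the lvm tools' domain (assumed name: lvm_t) is covered, mirroring the
# description's "if we do not cover all of the applications". unknown_t is an
# assumed domain for some other program that also writes the file.
TYPE_TRANSITIONS = {
    ("lvm_t", "lvm_etc_t"): "lvm_metadata_t",
}


def parent_dir(path: str) -> str:
    """Return the directory part of an absolute path ('/' for top level)."""
    return path.rsplit("/", 1)[0] or "/"


def dir_type(directory: str) -> str:
    """Resolve a directory's type from the longest matching DIR_LABELS prefix."""
    best = None
    for prefix, label in DIR_LABELS.items():
        if directory == prefix or directory.startswith(prefix + "/"):
            if best is None or len(prefix) > len(best[0]):
                best = (prefix, label)
    if best is None:
        raise KeyError(f"no file context for {directory}")
    return best[1]


def label_new_file(creator_domain: str, path: str) -> str:
    """Type a file gets when creator_domain creates it at path."""
    parent_type = dir_type(parent_dir(path))
    # Rule 2 (transition) overrides rule 1 (inherit from parent).
    return TYPE_TRANSITIONS.get((creator_domain, parent_type), parent_type)


def labels_by_creator(path: str, creators: tuple) -> dict:
    """Map each creator domain to the type its newly created file would get."""
    return {creator: label_new_file(creator, path) for creator in creators}


def layout_is_consistent(path: str, creators: tuple) -> bool:
    """True if every creator ends up with the same type for this path.

    This is the property Comment 2 is after: labeling should depend on the
    directory alone, not on which program happened to recreate the file.
    """
    return len(set(labels_by_creator(path, creators).values())) == 1


if __name__ == "__main__":
    creators = ("lvm_t", "unknown_t")
    for path in ("/etc/lvm/.cache", "/etc/lvm/cache/.cache"):
        print(path, labels_by_creator(path, creators),
              "consistent" if layout_is_consistent(path, creators) else "INCONSISTENT")
```

With the file at /etc/lvm/.cache, the lvm tools get lvm_metadata_t through the transition rule while any uncovered domain leaves it labeled lvm_etc_t, which is the mislabeling the report describes. With the file under /etc/lvm/cache/, every creator inherits lvm_cache_t from the directory, so no per-application transition rule (and no SELinux awareness in the tools) is needed.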
Comment 3 Alasdair Kergon 2007-02-28 18:53:37 UTC
OK - I've changed this upstream (to use /etc/lvm/cache/.cache) so it'll get
picked up next time I update the package.

Comment 4 Daniel Walsh 2007-03-01 14:50:12 UTC
OK, I will adjust the selinux-policy package appropriately.

Thanks.

Dan

Comment 5 Alasdair Kergon 2007-03-08 21:47:09 UTC
building 2.02.23-1 with this change


Comment 6 Milan Broz 2007-11-02 12:47:17 UTC
*** Bug 234189 has been marked as a duplicate of this bug. ***

