On Fri, 30 Dec 2016 17:17:24 +0100 cgzones <cgzo...@googlemail.com> wrote: > Hi, > thanks for your response. > I assigned this bug to systemd, cause I did not know any better and > thought the sysfs filesystem is managed by systemd, like /run. > > Btw, /dev/pts/ptmx is also mislabeled: > > root@debianSE:~# restorecon -vv -R -n /dev > Warning no default label for /dev/mqueue > Warning no default label for /dev/pts/0 > Would relabel /dev/pts/ptmx from system_u:object_r:devpts_t:s0 to > system_u:object_r:ptmx_t:s0 >
That context spec for /dev/pts/ptmx should probably be dropped and just leave it devpts_t > > Kindly Regards, > Christian Göttsche > > 2016-12-30 12:39 GMT+01:00 Laurent Bigonville <bi...@debian.org>: > > reassign 849637 policycoreutils > > thanks > > > > On Thu, 29 Dec 2016 12:36:30 +0100 cgzones <cgzo...@googlemail.com> wrote: > > > >> When running a SELinux enabled system /sys/devices/system/cpu/online > >> is mislabeled after boot: > >> > >> root@test1:/root/selinux/policy# restorecon -vv -R -F -n /sys > >> Would relabel /sys/devices/system/cpu/online from > >> system_u:object_r:sysfs_t:s0 to system_u:object_r:cpu_online_t:s0 > > > > Not sure why this is assigned to systemd as this is not created by systemd. > > > > It's working with sysvinit because the selinux-autorelabel LSB initscript is > > explicitly relabeling it during boot. > > > > Under systemd, that initscript is masked by the selinux-autorelabel.service. > > > > I was planning to add a tmpfiles for this, but apparently I forgot about it. > > > > Reassigning to policycoreutils > > > > Laurent Bigonville > > -- Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02 https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02 Dominick Grift
signature.asc
Description: OpenPGP digital signature