[redhat-lspp] grub-install errors?

Klaus Heinrich Kiwi Fri, 08 Dec 2006 06:05:20 -0800

Hi,



I'm having errors while trying to re-install the grub bootloader (just changed 
some parts of menu.lst -- don't even know if reinstalling grub is really 
necessary, but anyway...)



Using root id, seccontext 'staff_u:sysadm_r:sysadm_t:SystemLow-s15:c0.c1023', 
enforcing mls policy:



[EMAIL PROTECTED] /]# grub-install /dev/hda

Could not find device for /dev/mapper/VolGroup01-LvRoot

Could not find device for /dev/hda1

Could not find device for /dev/hda1

/dev/hda1: Not found or not a block device.

[EMAIL PROTECTED] /]# 



Running in permissive is working as expected...



Also tried running from the machine's console, as root, newrole -r sysadm_r.. 
same errors..



Is there a 'special' way of doing this (such as using some kind of 'diskadm_r' 
role or whatever) or is this a bug?



System is a beta2 i386:

[EMAIL PROTECTED] /]# rpm -qa | egrep 'policy|selinux'

selinux-policy-devel-2.4.3-8.el5

libselinux-1.30.29-2

selinux-policy-targeted-2.4.3-8.el5

libselinux-devel-1.30.29-2

policycoreutils-newrole-1.32-1

selinux-policy-mls-2.4.3-8.el5

checkpolicy-1.30.12-1

libselinux-python-1.30.29-2

policycoreutils-1.32-1

selinux-policy-2.4.3-8.el5

[EMAIL PROTECTED] /]#



Have already tried with 20061201 refresh: same errors.





==avc messages (BIG -- sorry!)==



type=AVC msg=audit(1165582522.000:1137): avc:  denied  { execute } for  
pid=23989 comm="grub-install" name="mdadm" dev=dm-0 ino=615943 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:mdadm_exec_t:s0 tclass=file

type=SYSCALL msg=audit(1165582522.000:1137): arch=40000003 syscall=11 
success=no exit=-13 a0=9b538f0 a1=9b53978 a2=9b5dad8 a3=9b53760 items=0 
ppid=23988 pid=23989 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC msg=audit(1165582522.013:1138): avc:  denied  { execute } for  
pid=23989 comm="grub-install" name="mdadm" dev=dm-0 ino=615943 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:mdadm_exec_t:s0 tclass=file

type=SYSCALL msg=audit(1165582522.013:1138): arch=40000003 syscall=33 
success=no exit=-13 a0=9b538f0 a1=1 a2=11 a3=9b538f0 items=0 ppid=23988 
pid=23989 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 
tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC msg=audit(1165582522.526:1139): avc:  denied  { execute } for  
pid=24010 comm="grub-install" name="mdadm" dev=dm-0 ino=615943 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:mdadm_exec_t:s0 tclass=file

type=SYSCALL msg=audit(1165582522.526:1139): arch=40000003 syscall=11 
success=no exit=-13 a0=9b522d0 a1=9b52358 a2=9b5dad8 a3=9b52140 items=0 
ppid=24009 pid=24010 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC msg=audit(1165582522.536:1140): avc:  denied  { execute } for  
pid=24010 comm="grub-install" name="mdadm" dev=dm-0 ino=615943 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:mdadm_exec_t:s0 tclass=file

type=SYSCALL msg=audit(1165582522.536:1140): arch=40000003 syscall=33 
success=no exit=-13 a0=9b522d0 a1=1 a2=11 a3=9b522d0 items=0 ppid=24009 
pid=24010 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 
tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC msg=audit(1165582522.689:1141): avc:  denied  { getattr } for  
pid=24016 comm="grub-install" name="VolGroup01-LvRoot" dev=tmpfs ino=725 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:fixed_disk_device_t:s15:c0.c1023 tclass=blk_file

type=SYSCALL msg=audit(1165582522.689:1141): arch=40000003 syscall=196 
success=no exit=-13 a0=9b5e830 a1=bfc4c408 a2=4b0ff4 a3=9b52420 items=0 
ppid=24012 pid=24016 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC_PATH msg=audit(1165582522.689:1141):  
path="/dev/mapper/VolGroup01-LvRoot"

type=AVC msg=audit(1165582522.719:1142): avc:  denied  { getattr } for  
pid=24017 comm="grub-install" name="VolGroup01-LvRoot" dev=tmpfs ino=725 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:fixed_disk_device_t:s15:c0.c1023 tclass=blk_file

type=SYSCALL msg=audit(1165582522.719:1142): arch=40000003 syscall=195 
success=no exit=-13 a0=9b5e428 a1=bfc4c3f8 a2=4b0ff4 a3=9b5e42e items=0 
ppid=24012 pid=24017 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC_PATH msg=audit(1165582522.719:1142):  
path="/dev/mapper/VolGroup01-LvRoot"

type=AVC msg=audit(1165582522.937:1143): avc:  denied  { getattr } for  
pid=24027 comm="grub-install" name="hda1" dev=tmpfs ino=664 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:fixed_disk_device_t:s15:c0.c1023 tclass=blk_file

type=SYSCALL msg=audit(1165582522.937:1143): arch=40000003 syscall=196 
success=no exit=-13 a0=9b5e328 a1=bfc4c408 a2=4b0ff4 a3=9b52430 items=0 
ppid=24023 pid=24027 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC_PATH msg=audit(1165582522.937:1143):  path="/dev/hda1"

type=AVC msg=audit(1165582522.964:1144): avc:  denied  { getattr } for  
pid=24028 comm="grub-install" name="hda1" dev=tmpfs ino=664 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:fixed_disk_device_t:s15:c0.c1023 tclass=blk_file

type=SYSCALL msg=audit(1165582522.964:1144): arch=40000003 syscall=195 
success=no exit=-13 a0=9b52720 a1=bfc4c3f8 a2=4b0ff4 a3=9b52726 items=0 
ppid=24023 pid=24028 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC_PATH msg=audit(1165582522.964:1144):  path="/dev/hda1"

type=AVC msg=audit(1165582523.191:1145): avc:  denied  { getattr } for  
pid=24038 comm="grub-install" name="hda1" dev=tmpfs ino=664 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:fixed_disk_device_t:s15:c0.c1023 tclass=blk_file

type=SYSCALL msg=audit(1165582523.191:1145): arch=40000003 syscall=196 
success=no exit=-13 a0=9b5e408 a1=bfc4c408 a2=4b0ff4 a3=9b52478 items=0 
ppid=24034 pid=24038 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC_PATH msg=audit(1165582523.191:1145):  path="/dev/hda1"

type=AVC msg=audit(1165582523.219:1146): avc:  denied  { getattr } for  
pid=24039 comm="grub-install" name="hda1" dev=tmpfs ino=664 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:fixed_disk_device_t:s15:c0.c1023 tclass=blk_file

type=SYSCALL msg=audit(1165582523.219:1146): arch=40000003 syscall=195 
success=no exit=-13 a0=9b52780 a1=bfc4c3f8 a2=4b0ff4 a3=9b52786 items=0 
ppid=24034 pid=24039 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC_PATH msg=audit(1165582523.219:1146):  path="/dev/hda1"

type=AVC msg=audit(1165582523.421:1147): avc:  denied  { execute } for  
pid=24048 comm="grub-install" name="mdadm" dev=dm-0 ino=615943 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:mdadm_exec_t:s0 tclass=file

type=SYSCALL msg=audit(1165582523.421:1147): arch=40000003 syscall=11 
success=no exit=-13 a0=9b55040 a1=9b5d528 a2=9b5dad8 a3=9b5c928 items=0 
ppid=24047 pid=24048 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC msg=audit(1165582523.454:1148): avc:  denied  { execute } for  
pid=24048 comm="grub-install" name="mdadm" dev=dm-0 ino=615943 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:mdadm_exec_t:s0 tclass=file

type=SYSCALL msg=audit(1165582523.454:1148): arch=40000003 syscall=33 
success=no exit=-13 a0=9b55040 a1=1 a2=11 a3=9b55040 items=0 ppid=24047 
pid=24048 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 
tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC msg=audit(1165582523.513:1149): avc:  denied  { getattr } for  
pid=24050 comm="grub-install" name="hda1" dev=tmpfs ino=664 
scontext=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 
tcontext=system_u:object_r:fixed_disk_device_t:s15:c0.c1023 tclass=blk_file

type=SYSCALL msg=audit(1165582523.513:1149): arch=40000003 syscall=195 
success=no exit=-13 a0=9b5e860 a1=bfc4d478 a2=4b0ff4 a3=9b5e866 items=0 
ppid=23955 pid=24050 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=pts0 comm="grub-install" exe="/bin/bash" 
subj=staff_u:sysadm_r:sysadm_t:s0-s15:c0.c1023 key=(null)

type=AVC_PATH msg=audit(1165582523.513:1149):  path="/dev/hda1"



(I'm also forwarding this to the public lspp list - we are in a hurry after 
all!)



Thank you!



 -K

--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp

[redhat-lspp] grub-install errors?

Reply via email to