udev has SELinux policy now and rules must be labeled appropriately. Since
the initramfs runs before policy is loaded, we can't label files we create
so we should instead append to an existing file
---
creator/mayflower | 10 +++++-----
1 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/creator/mayflower b/creator/mayflower
index b5062bf..0ef6a09 100755
--- a/creator/mayflower
+++ b/creator/mayflower
@@ -556,12 +556,12 @@ do_livecd_from_loop121() {
# create rule so udev creates /dev/livecd symlink on real rootfs
if [ "\$livecd_ram" == "1" ] ; then
- echo "KERNEL==\"loop118\", SYMLINK+=\"livecd\"" >
/sysroot/etc/udev/rules.d/00-livecd.rules
+ echo "KERNEL==\"loop118\", SYMLINK+=\"livecd\""
>> /sysroot/etc/udev/rules.d/50-udev.rules
else
- echo "KERNEL==\"hd[a-z]\", BUS==\"ide\",
SYSFS{removable}==\"1\", ATTRS{media}==\"cdrom\",
PROGRAM=\"/lib/udev/vol_id -l %N\", RESULT==\"\$CDLABEL\",
SYMLINK+=\"livecd\"" > /sysroot/etc/udev/rules.d/00-livecd.rules
- echo "KERNEL==\"sr[0-9]\", PROGRAM=\"/lib/udev/vol_id -l
%N\", RESULT==\"\$CDLABEL\", SYMLINK+=\"livecd\"" >>
/sysroot/etc/udev/rules.d/00-livecd.rules
- echo "KERNEL==\"scd[0-9]\", PROGRAM=\"/lib/udev/vol_id -l
%N\", RESULT==\"\$CDLABEL\", SYMLINK+=\"livecd\"" >>
/sysroot/etc/udev/rules.d/00-livecd.rules
- echo "KERNEL==\"pcd[0-9]\", PROGRAM=\"/lib/udev/vol_id -l
%N\", RESULT==\"\$CDLABEL\", SYMLINK+=\"livecd\"" >>
/sysroot/etc/udev/rules.d/00-livecd.rules
+ echo "KERNEL==\"hd[a-z]\", BUS==\"ide\",
SYSFS{removable}==\"1\", ATTRS{media}==\"cdrom\",
PROGRAM=\"/lib/udev/vol_id -l %N\", RESULT==\"\$CDLABEL\",
SYMLINK+=\"livecd\"" >> /sysroot/etc/udev/rules.d/50-udev.rules
+ echo "KERNEL==\"sr[0-9]\", PROGRAM=\"/lib/udev/vol_id -l
%N\", RESULT==\"\$CDLABEL\", SYMLINK+=\"livecd\"" >>
/sysroot/etc/udev/rules.d/50-udev.rules
+ echo "KERNEL==\"scd[0-9]\", PROGRAM=\"/lib/udev/vol_id -l
%N\", RESULT==\"\$CDLABEL\", SYMLINK+=\"livecd\"" >>
/sysroot/etc/udev/rules.d/50-udev.rules
+ echo "KERNEL==\"pcd[0-9]\", PROGRAM=\"/lib/udev/vol_id -l
%N\", RESULT==\"\$CDLABEL\", SYMLINK+=\"livecd\"" >>
/sysroot/etc/udev/rules.d/50-udev.rules
fi
mount -n -o ro,remount /sysroot
--
1.5.0.2
Show replies by date
On Thu, 2007-03-22 at 16:05 -0400, Jeremy Katz wrote:
udev has SELinux policy now and rules must be labeled appropriately.
Since
the initramfs runs before policy is loaded, we can't label files we create
so we should instead append to an existing file
Nice catch, I bet that was the source of the selinux problems you showed
me yesterday? Please commit.
David
On Thu, 2007-03-22 at 17:00 -0400, David Zeuthen wrote:
On Thu, 2007-03-22 at 16:05 -0400, Jeremy Katz wrote:
> udev has SELinux policy now and rules must be labeled appropriately. Since
> the initramfs runs before policy is loaded, we can't label files we create
> so we should instead append to an existing file
Nice catch, I bet that was the source of the selinux problems you showed
me yesterday? Please commit.
It's one component of the SELinux problems
Jeremy