Deepak Shrestha wrote:
On 7/29/06, Paul Howarth <paul@xxxxxxxxxxxx> wrote:
Deepak Shrestha wrote:
>> The problem appears to be depmod trying to unlink (delete) a file of
>> context type modules_object_t. I can't see any need for it to delete
>> anything that's actually a kernel module, so perhaps you have a
>> labelling problem?
>>
>> Can you post the output of the following commands:
>>
>> $ ls -lZ /lib/modules//2.6.17-1.2157_FC5
>>
>> $ rpm -q --scripts kernel-module-ntfs-2.6.17-1.2157_FC5
>>
>> Paul.
>
>
> Ok
>
> output of
>
> $ ls -lZ /lib/modules//2.6.17-1.2157_FC5
>
> ============
> lrwxrwxrwx root root system_u:object_r:modules_object_t build -> ../../../usr/src/kernels/2.6.17-1.2157_FC5-i686
> drwxr-xr-x root root system_u:object_r:modules_object_t extra
> drwxr-xr-x root root system_u:object_r:modules_object_t kernel
> -rw-r--r-- root root user_u:object_r:modules_dep_t modules.alias
> -rw-r--r-- root root user_u:object_r:modules_dep_t modules.ccwmap
> -rw-r--r-- root root user_u:object_r:modules_dep_t modules.dep
> -rw-r--r-- root root user_u:object_r:modules_dep_t modules.ieee1394map
> -rw-r--r-- root root user_u:object_r:modules_dep_t modules.inputmap
> -rw-r--r-- root root user_u:object_r:modules_dep_t modules.isapnpmap
> -rw-r--r-- root root user_u:object_r:modules_dep_t modules.ofmap
> -rw-r--r-- root root user_u:object_r:modules_dep_t modules.pcimap
> -rw-r--r-- root root user_u:object_r:modules_dep_t modules.seriomap
> -rw-r--r-- root root user_u:object_r:modules_dep_t modules.symbols
> -rw-r--r-- root root user_u:object_r:modules_dep_t modules.usbmap
> lrwxrwxrwx root root system_u:object_r:modules_object_t source -> build
> drwxr-xr-x root root system_u:object_r:modules_object_t updates
> ==============
>
> and output of
>
> $ rpm -q --scripts kernel-module-ntfs-2.6.17-1.2157_FC5
>
> ==============
> preinstall program: /bin/sh
> postinstall scriptlet (using /bin/sh):
> if [ -f /boot/System.map-2.6.17-1.2157_FC5 ]; then
> /sbin/depmod -a -F /boot/System.map-2.6.17-1.2157_FC5 2.6.17-1.2157_FC5 || :
> else
> /sbin/depmod -a || :
> fi
> postuninstall scriptlet (using /bin/sh):
> if [ -f /boot/System.map-2.6.17-1.2157_FC5 ]; then
> /sbin/depmod -a -F /boot/System.map-2.6.17-1.2157_FC5 2.6.17-1.2157_FC5 || :
> else
> /sbin/depmod -a || :
> fi
> ======================
Nothing looks particularly odd to me there. If you were running the
audit daemon we might have found the name of the actual file that depmod
was trying to remove, which would have helped.

The only thing I can think of now would be to try reinstalling the
package and see if the problem is repeated. If not, it's likely that it was
a labelling issue that has "fixed itself" by having depmod write a new
file with the correct context type when you did the original install in
permissive mode.

Paul.

I can't remember the particular package which got denied when I did
the yum update but it's not giving me trouble at this moment. Hope next
update will solve this problem.

D'oh, silly me. The answer was there in the first post of this thread.
The file concerned was /lib/modules/2.6.17-1.2157_FC5/modules.dep.temp,
probably created during installation of the
kernel-module-ntfs-2.6.17-1.2157_FC5 package.

If a file of that name is created by depmod, it should have the
modules_dep_t file context type. However, if it's created by an
unconfined process (e.g. by just doing "touch
/lib/modules/2.6.17-1.2157_FC5/modules.dep.temp"), it'll get the
modules_object_t context type, which is what caused the problem. So the
question is, how did that file get created?

It would be useful if you could try uninstalling
kernel-module-ntfs-2.6.17-1.2157_FC5, making sure that
/lib/modules/2.6.17-1.2157_FC5/modules.dep.temp does not exist, making
sure that you're in enforcing mode, then trying to reinstall
kernel-module-ntfs-2.6.17-1.2157_FC5 and see if the problem happens again.

Paul.
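
The labelling check discussed in this thread, as an added example that is not part of the original messages: it reads `ls -lZ` output in the five-column form posted above and reports any regular `modules.*` file whose type is not `modules_dep_t`. The function names and the sample listing (including the `modules.dep.temp` line) are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag modules.* files whose SELinux type is not modules_dep_t.
# Assumed input format (the one shown in this thread):
#   perms owner group user:role:type name

find_mislabeled() {
    awk '
        # Regular files named modules.* only; directories and symlinks
        # in /lib/modules/<version> legitimately carry modules_object_t.
        $1 ~ /^-/ && $5 ~ /^modules\./ {
            n = split($4, ctx, ":")          # user:role:type[:level]
            type = (n >= 3) ? ctx[3] : "unknown"
            if (type != "modules_dep_t")
                printf "%s %s\n", $5, type
        }
    '
}

# Constructed sample listing: modules.dep.temp carries the type it would
# inherit from the directory if an unconfined process had created it.
sample_listing() {
    cat <<'EOF'
drwxr-xr-x root root system_u:object_r:modules_object_t extra
drwxr-xr-x root root system_u:object_r:modules_object_t kernel
-rw-r--r-- root root user_u:object_r:modules_dep_t modules.alias
-rw-r--r-- root root user_u:object_r:modules_dep_t modules.dep
-rw-r--r-- root root user_u:object_r:modules_object_t modules.dep.temp
lrwxrwxrwx root root system_u:object_r:modules_object_t source -> build
EOF
}

# Prints one "name type" pair per mislabeled file.
sample_listing | find_mislabeled
```

On a live system, pipe the real listing into `find_mislabeled` instead of the sample; newer `ls` versions print extra columns, so the field positions would need adjusting.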