388875 – bootmisc wants to write to /var/log

Bug 388875 - bootmisc wants to write to /var/log

Summary: bootmisc wants to write to /var/log

Status:	VERIFIED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Hardened (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Sven Vermeulen (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:	293742
	Show dependency tree

Reported:	2011-10-29 18:39 UTC by Sven Vermeulen (RETIRED)
Modified:	2011-12-20 18:53 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sven Vermeulen (RETIRED) gentoo-dev

2011-10-29 18:39:59 UTC

In the bootmisc code, the script wants to write to /var/log to dump the output of "dmesg" into a /var/log/dmesg file. SELinux might hinder this, as initrc_t does not hold the proper privileges on var_log_t to do so.

{ create } comm="mkdir" name=".test.1390" scontext=system_u:system_r:initrc_t
tcontext=system_u:object_r:var_log_t tclass=dir  
{ rmdir } comm="rmdir" name=".test.1390" dev=vda4 ino=16285
scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:var_log_t
tclass=dir

Reproducible: Always

Comment 1 Sven Vermeulen (RETIRED) gentoo-dev

2011-10-29 18:41:00 UTC

Bug originally reported by Nick Kossifidis (bug #293742)

Comment 2 Sven Vermeulen (RETIRED) gentoo-dev

2011-11-12 21:20:14 UTC

In hardened-dev overlay

Comment 3 Sven Vermeulen (RETIRED) gentoo-dev

2011-11-15 10:52:15 UTC

Moved to main portage tree, ~arch'ed.

Comment 4 Sven Vermeulen (RETIRED) gentoo-dev

2011-12-20 18:53:32 UTC

stabilized.