Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 426958 - /etc/init.d/net.eth0 with dhcpcd config doesn't start due do /run migration ~amd64/selinux
Summary: /etc/init.d/net.eth0 with dhcpcd config doesn't start due do /run migration ~...
Status: VERIFIED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: SELinux (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Sven Vermeulen (RETIRED)
URL:
Whiteboard: sec-policy r15
Keywords:
Depends on:
Blocks: 424173
  Show dependency tree
 
Reported: 2012-07-17 10:00 UTC by Amadeusz Sławiński
Modified: 2012-10-04 18:34 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Amadeusz Sławiński 2012-07-17 10:00:41 UTC 
% cat /etc/conf.d/net

config_eth0="dhcp"


# /etc/init.d/net.eth0 start
Authenticating root.
Password: 
 * Bringing up interface eth0
 *   dhcp ...
 *     Running dhcpcd ...
dhcpcd[2463]: version 5.5.6 starting
dhcpcd[2463]: all: not configured to accept IPv6 RAs
mkdir: cannot create directory '/var/run/dhcpcd': Permission denied
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 54: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 58: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 60: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 64: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
cat: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
mkdir: cannot create directory '/var/run/dhcpcd': Permission denied
mkdir: cannot create directory '/var/run/dhcpcd': Permission denied
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 54: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 58: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 60: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 64: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
cat: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
mkdir: cannot create directory '/var/run/dhcpcd': Permission denied
dhcpcd[2463]: eth0: rebinding lease of 192.168.0.103
dhcpcd[2463]: eth0: acknowledged 192.168.0.103 from 192.168.0.1
dhcpcd[2463]: eth0: leased 192.168.0.103 for infinity
mkdir: cannot create directory '/var/run/dhcpcd': Permission denied
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 125: /var/run/dhcpcd/resolv.conf/eth0: No such file or directory
mkdir: cannot create directory '/var/run/dhcpcd': Permission denied
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 54: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 58: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 60: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
/lib/dhcpcd/dhcpcd-hooks/20-resolv.conf: line 64: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
cat: /var/run/dhcpcd/resolv.conf.eth0: No such file or directory
mkdir: cannot create directory '/var/run/dhcpcd': Permission denied
mkdir: cannot create directory '/var/run/dhcpcd': Permission denied
dhcpcd[2463]: forked to background, child pid 2498                                                                                     [ ok ]
 *     received address 192.168.0.103/24                                                                                               [ ok ]

grep dhcpcd /var/log/avc.log

In enforcing when starting:
Jul 17 11:49:11 lain kernel: [   21.651834] type=1400 audit(1342518551.796:22): avc:  denied  { create } for  pid=2044 comm="dhcpcd" name="dhcpcd.sock" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=sock_file
Jul 17 11:49:11 lain kernel: [   21.789595] type=1400 audit(1342518551.933:23): avc:  denied  { create } for  pid=2047 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:11 lain kernel: [   21.823437] type=1400 audit(1342518551.969:24): avc:  denied  { create } for  pid=2054 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:11 lain kernel: [   21.838603] type=1400 audit(1342518551.983:25): avc:  denied  { create } for  pid=2057 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:12 lain kernel: [   21.852399] type=1400 audit(1342518551.996:26): avc:  denied  { create } for  pid=2064 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:12 lain kernel: [   21.866849] type=1400 audit(1342518552.013:27): avc:  denied  { create } for  pid=2067 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:19 lain kernel: [   29.253815] type=1400 audit(1342518559.413:33): avc:  denied  { create } for  pid=2097 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:19 lain kernel: [   29.257242] type=1400 audit(1342518559.416:34): avc:  denied  { create } for  pid=2099 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:19 lain kernel: [   29.271379] type=1400 audit(1342518559.429:35): avc:  denied  { create } for  pid=2106 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:19 lain kernel: [   29.274766] type=1400 audit(1342518559.433:36): avc:  denied  { create } for  pid=2108 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:55 lain kernel: [   65.475610] type=1400 audit(1342518595.706:42): avc:  denied  { create } for  pid=2466 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:55 lain kernel: [   65.485264] type=1400 audit(1342518595.716:43): avc:  denied  { create } for  pid=2474 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:55 lain kernel: [   65.496044] type=1400 audit(1342518595.726:44): avc:  denied  { create } for  pid=2477 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:55 lain kernel: [   65.505154] type=1400 audit(1342518595.736:45): avc:  denied  { create } for  pid=2484 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:55 lain kernel: [   65.570682] type=1400 audit(1342518595.803:46): avc:  denied  { create } for  pid=2486 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:55 lain kernel: [   65.572883] type=1400 audit(1342518595.803:47): avc:  denied  { create } for  pid=2488 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:55 lain kernel: [   65.581494] type=1400 audit(1342518595.813:48): avc:  denied  { create } for  pid=2495 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:49:55 lain kernel: [   65.584010] type=1400 audit(1342518595.816:49): avc:  denied  { create } for  pid=2497 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir

In enforcing when stopping:
Jul 17 11:51:28 lain kernel: [  158.494628] type=1400 audit(1342518688.909:51): avc:  denied  { create } for  pid=2886 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:51:28 lain kernel: [  158.505815] type=1400 audit(1342518688.923:52): avc:  denied  { create } for  pid=2893 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:51:29 lain kernel: [  158.622402] type=1400 audit(1342518689.039:53): avc:  denied  { create } for  pid=2952 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir
Jul 17 11:51:29 lain kernel: [  158.634673] type=1400 audit(1342518689.049:54): avc:  denied  { create } for  pid=2964 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir

In permissive when starting:
Jul 17 11:52:04 lain kernel: [  193.814838] type=1400 audit(1342518724.299:64): avc:  denied  { create } for  pid=3068 comm="mkdir" name="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t tclass=dir

In permissive when stopping:
empty


ls -lZ /run/ | grep dhcpcd
drwxr-xr-x.  4 root root system_u:object_r:var_run_t           80 Jul 17 11:52 dhcpcd
-rw-r--r--.  1 root root system_u:object_r:dhcpc_var_run_t      5 Jul 17 11:52 dhcpcd-eth0.pid
-rw-r--r--.  1 root root system_u:object_r:dhcpc_var_run_t      5 Jul 17 11:49 dhcpcd.pid


Reproducible: Always
Comment 1 Sven Vermeulen (RETIRED) gentoo-dev 2012-07-17 12:29:47 UTC 
I notice two things. One is that the scripts are trying to create directories in /var/run (not /run). If you create "/var/run/dhcpcd" manually and run "restorecon -R /var/run/dhcpcd", does that fix the problem(s)? As the directory in /var/run is static (not regenerated during each boot) that might solve this (short-term).

Regarding the /run, are the logs you show for the /run location or still for /var/run?
Comment 2 Amadeusz Sławiński 2012-07-17 12:37:54 UTC 
The problem is that on new installs /var/run is linked to /run which is tmpfs so as far a I can tell all dirs gets recreated every reboot
% ls -l /var | grep run
lrwxrwxrwx.  1 root   root    9 Jul 14 14:34 lock -> /run/lock
lrwxrwxrwx.  1 root   root    4 Jul 14 14:34 run -> /run
Comment 3 Sven Vermeulen (RETIRED) gentoo-dev 2012-07-17 15:28:03 UTC 
I hate it, but you're right. recent stage3s have /var/run symlinked to /run
Comment 4 Sven Vermeulen (RETIRED) gentoo-dev 2012-07-17 16:25:29 UTC 
Will be fixed in rev15
Comment 5 Sven Vermeulen (RETIRED) gentoo-dev 2012-07-21 20:17:17 UTC 
in hardened-dev overlay
Comment 6 Sven Vermeulen (RETIRED) gentoo-dev 2012-07-28 09:27:54 UTC 
In main tree, ~arched
Comment 7 Sven Vermeulen (RETIRED) gentoo-dev 2012-10-04 18:34:12 UTC 
stabilized