fstab-sync accessing homedirectories (Was Re: [russell@coker.com.au: Re: Policy patches])

David Zeuthen david at fubar.dk
Sun Sep 19 11:28:19 PDT 2004 

Hi,

thanks for the notice, I'm copying Russell to get some more information,

On Fri, 2004-09-17 at 17:22 +0100, Luke Kenneth Casson Leighton wrote: 
> thought you should know: something odd going on there, with
> fstab-sync accessing home directories unnecessarily.
> 

fstab-sync by itself doesn't touch home directories; it shouldn't at
least :-). I think this is because fstab-sync uses libhal which in turn
uses libdbus and dbus can use an authentication scheme that uses a
cookie in the home directory. However, I'm not sure this is used by
default, at least not on Fedora Core. I could be wrong though.

Russell, how do I reproduce this bug?

Thanks,
David

> [btw dontaudit means "it's banned but we don't want it in the logs either".]
> 
> ----- Forwarded message from Russell Coker <russell at coker.com.au> -----
> 
> Envelope-to: lkcl at localhost
> Delivery-date: Fri, 17 Sep 2004 17:14:53 +0100
> X-Sieve: CMU Sieve 2.2
> From: Russell Coker <russell at coker.com.au>
> Reply-To: russell at coker.com.au
> To: Daniel J Walsh <dwalsh at redhat.com>
> Subject: Re: Policy patches
> Cc: jwcart2 at epoch.ncsc.mil, SE Linux <selinux at tycho.nsa.gov>
> X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at sws.net.au
> X-Mailing-List: selinux-tycho.nsa.gov
> X-hands-com-MailScanner: Found to be clean
> X-MailScanner-From: owner-selinux at tycho.ncsc.mil
> 
> +dontaudit updfstab_t home_root_t:dir { getattr search };
> +dontaudit updfstab_t { home_dir_type home_type }:dir { search };
> 
> Why is fstab-sync trying to access home directories?
> 
> +allow ttyfile tmpfs_t:filesystem { associate };
> 
> Better to just use the dev_fs attribute.  I have attached a patch to do this 
> as well as clean up a few other minor issues with the macros directory.
> 
> _______________________________________________
> hal mailing list
> hal at freedesktop.org
> http://freedesktop.org/mailman/listinfo/hal

_______________________________________________
hal mailing list
hal at freedesktop.org
http://freedesktop.org/mailman/listinfo/hal

More information about the Hal mailing list