From mboxrd@z Thu Jan  1 00:00:00 1970
From: dwalsh@redhat.com (Daniel J Walsh)
Date: Fri, 05 Mar 2010 11:05:06 -0500
Subject: [refpolicy] kernel_storage.patch
In-Reply-To: <1267730600.11679.62.camel@gorn.columbia.tresys.com>
References: <4B842E4B.4000809@redhat.com>
	<1267730600.11679.62.camel@gorn.columbia.tresys.com>
Message-ID: <4B912BB2.5010601@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 03/04/2010 02:23 PM, Christopher J. PeBenito wrote:
> On Tue, 2010-02-23 at 14:36 -0500, Daniel J Walsh wrote:
>    
>> http://people.fedoraproject.org/~dwalsh/SELinux/F13/kernel_storage.patch
>>
>> Add files context for /dev/etherd
>>      
> Merged.
>
>    
>> Dontaudit attempts to relable lnk_files.
>>      
> Not so sure about this; it doesn't seem like it would be a general
> problem, rather, a broken behavior of a particular program.  Since
> relabeling means there is some SELinux awareness, it shouldn't be tough
> to track this down.
>
>    
I think some of these are caused by the cp command.

./services/virt.te:storage_relabel_fixed_disk(virtd_t)
./system/lvm.te:storage_relabel_fixed_disk(clvmd_t)
./system/lvm.te:storage_relabel_fixed_disk(lvm_t)

If you execute cp -p it causes this AVC to happen when it tries to set 
the context.