From: Luke Kenneth Casson Leighton <lkcl@lkcl.net>
To: Marco d'Itri <md@Linux.IT>
Cc: 263079@bugs.debian.org,
linux-hotplug-devel@lists.sourceforge.net,
SE-Linux <selinux@tycho.nsa.gov>
Subject: Re: Bug#263079: udev: missing mknod on ppp
Date: Tue, 03 Aug 2004 08:27:52 +0000
Message-ID: <20040803082752.GA3504@lkcl.net>
In-Reply-To: <20040802231148.GA19178@wonderland.linux.it>

On Tue, Aug 03, 2004 at 01:11:48AM +0200, Marco d'Itri wrote:
> On Aug 03, Luke Kenneth Casson Leighton <lkcl@lkcl.net> wrote:
>
> > thank you for pointing me at the README.Debian because it makes clear
> > that for SE/Linux there are certain /dev entries that may not get
> > fired up by udev, and consequently won't have se/linux permissions set!
> On debian, *all* devices are supposed to be created by udev if udev is
> installed (because /dev is a tmpfs).
> I don't know why /dev/ppp is not being created on your system.

this could have something to do with it: it looks like udev
is not quick enough to create the device node in time for pppd
to use it.

Aug 3 09:18:49 localhost udev[3255]: creating device node '/dev/ttyUSB0'
Aug 3 09:18:54 localhost pppd[3258]: pppd is unable to open the /dev/ppp device. You need to create the /dev/ppp device node by executing the following command as root: ^Imknod /dev/ppp c 108 0
Aug 3 09:19:02 localhost kernel: CSLIP: code copyright 1989 Regents of the University of California
Aug 3 09:19:02 localhost kernel: PPP generic driver version 2.4.2
Aug 3 09:19:02 localhost pppd[3270]: pppd 2.4.2 started by root, uid 0
Aug 3 09:19:02 localhost udev[3269]: creating device node '/dev/ppp'

>
> > i've had to modify /etc/init.d/udev to do a manual /sbin/restorecon on
> > all entries listed in /etc/udev/links.conf.
> This is a special-case, links.conf is supposed to be used *only* to
> create some symlinks and directories. I do not know enough about SE
> Linux to tell how it should be integrated with this.

i do.

i've patched my kernel to have tmpfs(shmfs) support se/linux
attributes.

_anything_ that goes into the /dev-mounted tmpfs _must_ have selinux
attributes set on them.

in the case of a persistent filesystem (ext2 etc) those attributes can
be set once, and subsequently ignored.

of course, with a tmpfs, then it's a bit like saying it's okay to
create entries in /dev with chmod 0000 and not calling chgrp,
we'll do it later sort of thing.

so any symlinks and directories, also you _must_ call /sbin/restorecon
or some equivalent.

i've patched udev-0.030 to do likewise: all inodes, all directories
(including subdirectories) and all symlinks, in fact all creates,
are now created with the correct selinux context.

>
> > i have some vague and rushed recollection of forcibly doing an
> > /sbin/restorecon in /etc/init.d/modutils, too.
> /etc/init.d/modutils is 2.4.x stuff.
>
> > the issue is, therefore that /etc/init.d/modutils will endeavour to
> > manually install modules at startup - even before udev is run - and
> > it doesn't bother to set the selinux permissions.
> No, it will not: udev is run S04 and module-init-tools at S20 of rcS.d.

hm, then should that order be reversed, or do you think that
module-init-tools should be fixed?

(or other)

l.
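
Added example, not part of the original message: a Python check that replays the syslog excerpt quoted in the message and flags any process that reported failing to open a /dev node before udev logged creating it. The function names, the verdict labels and the year 2004 (taken from the Date header, since syslog omits the year) are assumptions of this example.

```python
import re
from datetime import datetime

# Syslog lines copied from the message above (the tab appears as ^I).
SAMPLE_LOG = """\
Aug 3 09:18:49 localhost udev[3255]: creating device node '/dev/ttyUSB0'
Aug 3 09:18:54 localhost pppd[3258]: pppd is unable to open the /dev/ppp device. You need to create the /dev/ppp device node by executing the following command as root: ^Imknod /dev/ppp c 108 0
Aug 3 09:19:02 localhost kernel: CSLIP: code copyright 1989 Regents of the University of California
Aug 3 09:19:02 localhost kernel: PPP generic driver version 2.4.2
Aug 3 09:19:02 localhost pppd[3270]: pppd 2.4.2 started by root, uid 0
Aug 3 09:19:02 localhost udev[3269]: creating device node '/dev/ppp'
"""

LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ ([^\[:\s]+)(?:\[(\d+)\])?: (.*)$")
CREATE = re.compile(r"creating device node '(/dev/[^']+)'")
OPEN_FAIL = re.compile(r"unable to open (?:the )?(/dev/[\w/-]+)")

def parse(log, year=2004):
    """Yield (timestamp, program, pid, message) for each well-formed line."""
    for raw in log.splitlines():
        m = LINE.match(raw)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2), m.group(3), m.group(4)

def find_open_before_create(log, year=2004):
    """Classify each failed open of a /dev node against udev's creation time."""
    events = list(parse(log, year))
    created = {}  # device path -> first time udev logged creating it
    for ts, prog, _pid, msg in events:
        m = CREATE.search(msg)
        if prog == "udev" and m:
            created.setdefault(m.group(1), ts)
    findings = []
    for ts, prog, pid, msg in events:
        m = OPEN_FAIL.search(msg)
        if not m or prog in ("udev", "kernel"):
            continue
        dev, made = m.group(1), created.get(m.group(1))
        if made is None:
            verdict, gap = "never-created", None
        elif made > ts:
            verdict, gap = "opened-before-create", int((made - ts).total_seconds())
        else:  # same second or earlier: syslog's 1 s resolution cannot order these
            verdict, gap = "node-already-existed", 0
        findings.append({"proc": f"{prog}[{pid}]", "device": dev,
                         "verdict": verdict, "gap_seconds": gap})
    return findings
```

A "node-already-existed" verdict means the failure is not explained by timing, so the node's mode, ownership or label is the next thing to check.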
Thread overview: 8+ messages
[not found] <E1Brl5k-0006Jd-1F@lkcl.net>
[not found] ` <20040802224118.GA18849@wonderland.linux.it>
2004-08-02 23:15 ` Bug#263079: udev: missing mknod on ppp Luke Kenneth Casson Leighton
2004-08-02 23:11 ` Marco d'Itri
2004-08-03 1:52 ` Alexander E. Patrakov
2004-08-03 8:35 ` Luke Kenneth Casson Leighton
2004-08-03 8:27 ` Luke Kenneth Casson Leighton [this message]
2004-08-03 10:03 ` Marco d'Itri
2004-08-03 10:04 ` Marco d'Itri
2004-08-03 13:01 ` Alexander E. Patrakov