rpms/kexec-tools
7
0
Fork 0
Code Issues Pull Requests Releases Activity
Unnamed repository
480 Commits 9 Branches 65 Tags 6.5 MiB
Shell 91.1%
Roff 8.9%
aa15e6b6dc
Go to file
dyoung@redhat.com aa15e6b6dc kdumpctl: add selinux relabel when service startup 
Dracut root fs is always mounted, but it's not guaranteed to success
because we are in crash/kdump context. So selinux policy can not only
depends on chroot load_policy.

Per discussion with Vivek and Selinux people, relabel kdump files
when the service restart.

Currently only below cases are considerd:
1. target mounted in 1st kernel
2. target mounted as rw, if user mount it as 'ro' they will have to
   relabel the files by themselves.
3. save path is not masked, this means if /var/crash is mount to another
   disk which is different from dump target it will not visible to user
   so user need manually relabel them.
4. only local filesystem based targets.

Tested on F19 machine.
Tested local fs dump and network dump along with different save path
to address above mentioned cases.

Vivek: use function name is_dump_target_configured
       use getfattr -m "security.selinux" instead of ".*"
Daniel: use restorecon instead of chcon.
dyoung: keep minix in local fs list since it has not been deperacated yet.
Vivek: wrap is_dump_target_configured checking in function path_to_be_relabeled
dyoung: use awk instead of cut to print config value for different
        space delimeters
dyoung: mute df error message: `df $_mnt/$_path 2>/dev/null`

For nfs restorecon, since it will be in 3.11 kernel, we can add it when it's
ok in Fedora.

Signed-off-by: Dave Young <dyoung@redhat.com>
Acked-by: Vivek Goyal <vgoyal@redhat.com>
2013-06-13 11:28:25 +08:00
po Update translation file po/it.po 2013-01-28 14:02:09 +08:00
.gitignore Pull kexec-tools-2.0.4 2013-04-02 11:35:30 +08:00
98-kexec.rules udev rules fix 2012-05-28 09:50:47 +08:00
dracut-kdump.sh dracut-kdump.sh: umount rootfs after dump_to_rootfs 2013-06-13 11:28:25 +08:00
dracut-module-setup.sh depends on dracut selinux module 2013-06-13 11:28:25 +08:00
dracut-monitor_dd_progress remove dracut-files.tbz2 [v2] 2012-05-03 10:06:05 +08:00
firstboot_kdump.py firstboot:fix reserve mem ui spinbox step size 2012-12-12 17:15:10 +08:00
kdump.conf add dracut_args option to kdump.conf 2013-04-27 10:44:48 +08:00
kdump.conf.5 add dracut_args option to kdump.conf 2013-04-27 10:44:48 +08:00
kdump.init - Fix a syntax error in kdump init script 2010-06-13 21:54:34 +00:00
kdump.service Fixup sysytemd service file (bug 741272) 2012-02-14 10:13:06 -07:00
kdump.sysconfig do not mount root twice 2012-07-12 11:15:35 +08:00
kdump.sysconfig.i386 kdump.sysconfig: append "panic=10" to kdump cmdline 2013-06-13 11:28:12 +08:00
kdump.sysconfig.ia64 Mass Update of RHEL5 patches 2008-06-05 15:18:53 +00:00
kdump.sysconfig.ppc64 kdump.sysconfig: append "panic=10" to kdump cmdline 2013-06-13 11:28:12 +08:00
kdump.sysconfig.s390x kdump.sysconfig: append "panic=10" to kdump cmdline 2013-06-13 11:28:12 +08:00
kdump.sysconfig.x86_64 kdump.sysconfig: append "panic=10" to kdump cmdline 2013-06-13 11:28:12 +08:00
kdumpctl kdumpctl: add selinux relabel when service startup 2013-06-13 11:28:25 +08:00
kexec-kdump-howto.txt kexec-kdump-howto: grubby is suggested modifing kernel cmdline 2013-06-13 11:15:39 +08:00
kexec-tools-2.0.3-build-makedumpfile-eppic-shared-object.patch Support for eppic language as a subpackage 2013-03-14 14:42:55 +08:00
kexec-tools-2.0.3-disable-kexec-test.patch Disable kexec_test 2012-01-21 16:56:07 +08:00
kexec-tools.spec kexec-tools.spec: removes kexec udev rules for s390 2013-06-04 10:56:56 +08:00
mkdumprd add dracut_args option to kdump.conf 2013-04-27 10:44:48 +08:00
mkdumprd.8 Remove comma which is redundant 2013-02-16 15:19:41 +08:00
rhcrashkernel-param rhcrashkernel-param: echo crashkernel=auto for rhel7 2012-08-20 15:01:47 +08:00
sources Pull kexec-tools-2.0.4 2013-04-02 11:35:30 +08:00
zanata-notes.txt Add a notes for zanata process 2012-12-05 01:23:09 -05:00