[prev in list] [next in list] [prev in thread] [next in thread] 

List:       selinux
Subject:    Tar problems when restoring polyinstantiated directories
From:       Nick Gray <nick () austin ! rr ! com>
Date:       2008-12-17 14:54:56
Message-ID: CAF3C53F-C7C9-419C-9F2A-F7D5BB48AF64 () austin ! rr ! com
[Download RAW message or body]

I am noticing an error from Tar when trying to restore  
polyinstantiated directories. Rather than try to go into verbal detail  
I though I would include the test example that I ran

-----------
As root

mkdir /TEST
mkdir /TEST/poly
mkdir /TEST/poly.inst
mkdir /TEST/single
chmod -R 777 /TEST
Edit /etc/security/namespace.conf and add

/TEST/poly /TEST/poly.inst/ level:shared:noinit:create=0777,,nick  root

reboot

open a terminal as nick

newrole -l "SECRET-SECRET"
touch /TEST/poly/SECRET
touch /TEST/single/SECRET

exit back to SystemLow
su -
cd /
tar cv --xattrs -f test.tar /TEST

rm -r /TEST/* (This will give "rm: cannot remove directory `/TEST/ 
poly': Device or resource busy")

note that /TEST/poly.inst and single are gone.

tar xf test.tar

tar: TEST/poly.inst/78d20e47cbefd4885c856413327b3acb: Warning: Cannot  
acl_from_text: Invalid argument
tar: TEST/poly.inst/0cd9e1d91636475b2aa52c5c8ba08a22: Warning: Cannot  
acl_from_text: Invalid argument

The directories have been restored, and the SECRET file in poly has  
been restored, is accessible and only visbile by nick at SECRET-SECRET
-----------

Gladly appreciate any comments. I will look into the source when I get  
a chance and see if I can get more information.

Thanks Nicks.



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]