http://bugzilla.opensuse.org/show_bug.cgi?id=946544 Bug ID: 946544 Summary: dracut mkinitrd cannot run depmod in selinux Classification: openSUSE Product: openSUSE Factory Version: 201505* Hardware: x86-64 OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening@forge.provo.novell.com Reporter: schrott3000@yahoo.de QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Created attachment 648012 --> http://bugzilla.opensuse.org/attachment.cgi?id=648012&action=edit Described solution of changing the context before executing depmod [Overview] Mkinitrd fails on a selinux enabled system because depmod cannot access the kernel modules copied to the temp directory. Issue: Modules in dracut temp directory are labeled usr_tmpfs_t instead of modules_object_t [Steps to Reproduce] 1) Run a openSUSE Tumbleweed installation with dracut 043 2) Be sure to have selinux in enforcing mode (I have mls-policy not sure if it affects targeted policy too) 3) Run as root: mkinitrd -B [Actual Result] mkinitrd crashes because of not being able to run depmod [Expected Result] mkinitrd shoud finish the creation of the initrd image [Build] dracut-043 openSUSE Tumbleweed 20150909 [Solution] Fix labels of the $MKINITRD_TMP_PATH/lib/modules This can be most easily done by adding the following lines to dracut-functions.sh: See in dracut-functions-fixed.patch Alternatively there may be the possibility to add matching contexts to selinux-policy wich I would consider to be difficult because dracut changes the temp directory each time. -- You are receiving this mail because: You are on the CC list for the bug.