Jiri Bohac changed bug 1213721
What Removed Added
Flags   needinfo?

Comment # 7 on bug 1213721 from Jiri Bohac 
FTR, the selinux-policy fix now allows kexec to read the kdump kernel via the
/var/lib/kdump/kernel symlink.

kdump's load.sh still fails on this test:
[[ -f /var/lib/kdump/kernel ]] || exit 6
At this point load.sh runs under init_t and SELinux denies following the link.

Since the selinux-policy for this is hard, I temporarily worked around this by
this hack:
https://github.com/openSUSE/kdump/commit/c01eb10ccf123d76bd1bd71d48ccdbbc6160dc8c
Replacing the built-in [[ test with /bin/test results in the symlink being
dereferenced in a different SELinux context which works.
Committed as kdump-1.9.5 to Kernel:Kdump submitted to Factory in SR 1101210.

You are receiving this mail because: