Bug 96121 - ERROR: lsetxattr security.selinux= failed. Operation not supported.
Summary: ERROR: lsetxattr security.selinux= failed. Operation not supported.
Status: NEW
Alias: None
Product: File System
Classification: Unclassified
Component: btrfs (show other bugs)
Hardware: All Linux
: P1 normal
Assignee: Josef Bacik
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-04-03 17:03 UTC by Chris Murphy
Modified: 2016-03-20 10:07 UTC (History)
1 user (show)

See Also:
Kernel Version: 4.0.0-0.rc6.git0.1.fc22.i686
Subsystem:
Regression: No
Bisected commit-id:


Attachments
strace.txt (8.64 KB, text/plain)
2015-04-03 17:03 UTC, Chris Murphy
Details

Description Chris Murphy 2015-04-03 17:03:03 UTC
Created attachment 173091 [details]
strace.txt

btrfs-progs v3.19.1

These are unlabeled files so I'm not sure why lsetxattr is being used.

# btrfs send /mnt/btr0/sam840ev\:chrishome\:20150403-1/ | btrfs receive /brick1/snapshots/
At subvol /mnt/btr0/sam840ev:chrishome:20150403-1/
At subvol sam840ev:chrishome:20150403-1
ERROR: lsetxattr .android security.selinux=unconfined_u:object_r:unlabeled_t:s0 failed. Operation not supported
[root@f21s snapshots]# ausearch -m AVC
<no matches>

# sestatus 
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      29
Comment 1 Chris Murphy 2015-04-03 17:35:55 UTC
Both send and receive volumes are used by samba, and are mounted with this:

-o context='system_u:object_r:samba_share_t:s0',subvol=blah

So even though I'm mounting the top level of each volume elsewhere without this mount option, it's inherited from the original mount using this selinux context. If I unmount all instances, and remount without -o context, the btrfs send receive works.

Note You need to log in before you can comment on or make changes to this bug.