Description of problem:
When I experimented around with pam_namespace, I found a bug. I have rhel 6.1.
I installed SElinux policy-mls and edited the file /etc/security/namespace.conf.
I rebooted the system, logged in user, open the "computer:///" in Nautilus. I double-click on CD-ROM icon or USB-flash icon, Nautilus pops up a dialog box that says "Internal error: No mount object for mounted volume".
Version-Release number of selected component (if applicable):
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.1
$ rpm -qa | grep pam
pam_pkcs11-0.6.2-11.1.el6.x86_64
pam-devel-1.1.1-8.el6.x86_64
gnome-keyring-pam-2.28.2-6.el6.x86_64
pam-1.1.1-8.el6.x86_64
spamassassin-3.3.1-2.el6.x86_64
fprintd-pam-0.1-19.git04fd09cfa.el6.x86_64
pam_passwdqc-1.0.5-6.el6.x86_64
pam_krb5-2.3.11-6.el6.x86_64$
rpm -qa | grep nautilus
nautilus-sendto-2.28.2-3.el6.x86_64
totem-nautilus-2.28.6-2.el6.x86_64
nautilus-2.28.4-15.el6.x86_64
brasero-nautilus-2.28.3-6.el6.x86_64
nautilus-open-terminal-0.17-3.el6.x86_64
nautilus-extensions-2.28.4-15.el6.x86_64
$ rpm -qa | grep mls
selinux-policy-mls-3.7.19-93.el6.noarch
How reproducible:
Always
Steps to Reproduce:
1. yum install selinux-policy-mls-3.7.19-93.el6.noarch.rpm
2. vim /etc/selinux/config
SELINUX=permissive
3. vim /etc/security/namespace.conf
/tmp /tmp-inst/ level root,adm
/var/tmp /var/tmp/tmp-inst/ level root,adm
$HOME $HOME/$USER.inst/ level root,adm
4.
# mkdir /tmp/tmp-inst
# mkdir /var/tmp/tmp-inst
# chown root:root /tmp/tmp-inst /var/tmp/tmp-inst
# chmod 000 /tmp/tmp-inst /var/tmp/tmp-inst
5. useradd user1
6. passwd user1
7. reboot
8. log in user1
9. put CD into drive
10.put USB-flash into USB-port
11. open "computer:///" in Nautilus
12. double-click double-click on CD-ROM icon or USB-flash icon
Actual results:
Nautilus pops up a dialog box that says "Internal error: No mount object for mounted volume".
Expected results:
Nautilus correct mount CD or USB-Flash /media/name...
Should display directory
Linear Mode
