F7 mls enforcing failed login and recursive fault


 



I built and fully updated an F7/MLS system today and was unable to log in in MLS enforcing from the console or ssh (no X, init level 2 or 3). I rebooted with a clean audit.log in permissive mode, logged in and found two login-related denials:

type=AVC msg=audit(1187740851.272:22): avc: denied { audit_control } for pid=2299 comm="login" capability=30 scontext=system_u:system_r:local_login_t:s0-s15:c0.c1023 tcontext=system_u:system_r:local_login_t:s0-s15:c0.c1023 tclass=capability

and a second dbus-related one that I was unable to replicate for this email.

I created a quick policy to see if I could log in in enforcing mode.

policy_module(f7fix,1.0.0)

gen_require(`
        type local_login_t, initrc_t;
        class dbus send_msg;
')

allow local_login_t initrc_t:dbus send_msg;
allow local_login_t self:capability audit_control;

and got this nasty result

Aug 21 18:19:12 f7 kernel: ds: 007b es: 007b fs: 00d8 gs: 0000 ss: 0068
Aug 21 18:19:12 f7 kernel: Process login (pid: 2310, ti=f7f98000 task=f70de2b0 task.ti=f7f98000)
Aug 21 18:19:12 f7 kernel: Stack: c06ab7d9 fffffff3 00000000 c06f27ac fffffff3 fffffff3 00000000 c04ad93d
Aug 21 18:19:12 f7 kernel: c06f27a0 f77b8878 c04ad987 f77b8800 f77b8800 f77b8878 c0555fae f7c8df00
Aug 21 18:19:12 f7 kernel: c05509ee f77b8800 f773e938 00000000 00000000 c0550a20 f70aa800 c053660d
Aug 21 18:19:12 f7 kernel: Call Trace:
Aug 21 18:19:12 f7 kernel:  [<c04ad93d>] remove_files+0x15/0x1e
Aug 21 18:19:12 f7 kernel:  [<c04ad987>] sysfs_remove_group+0x41/0x57
Aug 21 18:19:12 f7 kernel:  [<c0555fae>] device_pm_remove+0x32/0x70
Aug 21 18:19:12 f7 kernel:  [<c05509ee>] device_del+0x183/0x1ad
Aug 21 18:19:12 f7 kernel:  [<c0550a20>] device_unregister+0x8/0x10
Aug 21 18:19:12 f7 kernel:  [<c053660d>] vcs_remove_sysfs+0x17/0x31
Aug 21 18:19:12 f7 kernel:  [<c053b24a>] con_close+0x49/0x5b
Aug 21 18:19:12 f7 kernel:  [<c052fec7>] release_dev+0x1df/0x5e3
Aug 21 18:19:12 f7 kernel:  [<c045d35e>] free_pages_bulk+0x100/0x16e
Aug 21 18:19:12 f7 kernel:  [<c045d585>] __pagevec_free+0x14/0x1a
Aug 21 18:19:12 f7 kernel:  [<c045f7a5>] release_pages+0x10a/0x112
Aug 21 18:19:12 f7 kernel:  [<c05302da>] tty_release+0xf/0x18
Aug 21 18:19:12 f7 kernel:  [<c04765eb>] __fput+0xb4/0x16a
Aug 21 18:19:12 f7 kernel:  [<c04740f9>] filp_close+0x51/0x58
Aug 21 18:19:12 f7 kernel:  [<c0428683>] put_files_struct+0x5f/0xa7
Aug 21 18:19:12 f7 kernel:  [<c04296be>] do_exit+0x21f/0x6d3
Aug 21 18:19:12 f7 kernel:  [<c0429bdf>] sys_exit_group+0x0/0xd
Aug 21 18:19:12 f7 kernel:  [<c0404f70>] syscall_call+0x7/0xb
Aug 21 18:19:12 f7 kernel:  [<c0600000>] __sched_text_start+0x6e8/0x89e
Aug 21 18:19:12 f7 kernel:  =======================
Aug 21 18:19:12 f7 kernel: Code: 8b 40 24 8b 40 24 c3 8b 40 14 8b 00 c3 8b 40 14 8b 00 c3 55 57 56 53 83 ec 0c 85 c0 89 44 24 04 89 14 24 0f 84 ed 00 00 00 89 c2 <8b> 40 0c 85 c0 0f 84 e0 00 00 00 8b 52 54 83 c0 74 89 54 24 08
Aug 21 18:19:12 f7 kernel: EIP: [<c04ab620>] sysfs_hash_and_remove+0x18/0x110 SS:ESP 0068:f7f98e04
Aug 21 18:19:12 f7 kernel: Fixing recursive fault but reboot is needed!

potentially relevant rpm versions

kernel-2.6.21-1.3194.fc7
audit-1.5.3-1.fc7
util-linux-2.13-0.52.fc7
checkpolicy-2.0.3-1.fc7
policycoreutils-2.0.16-11.fc7
policycoreutils-gui-2.0.16-11.fc7
policycoreutils-newrole-2.0.16-11.fc7
seedit-policy-2.1.1-2.fc7.2
selinux-policy-2.6.4-33.fc7
selinux-policy-devel-2.6.4-33.fc7
selinux-policy-mls-2.6.4-33.fc7
selinux-policy-targeted-2.6.4-33.fc7

joe

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
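
The step from the logged denial to the capability rule in the module above, as an added example that is not part of the original message: it parses the AVC record quoted in the post and derives the matching type-enforcement rule, so the exact grant (here audit_control, capability number 30) can be reviewed before it is loaded. The function names are illustrative assumptions.

```python
import re
from datetime import datetime, timezone

# AVC record copied from the post above (a single line in audit.log).
SAMPLE_AVC = (
    'type=AVC msg=audit(1187740851.272:22): avc: denied { audit_control } '
    'for pid=2299 comm="login" capability=30 '
    'scontext=system_u:system_r:local_login_t:s0-s15:c0.c1023 '
    'tcontext=system_u:system_r:local_login_t:s0-s15:c0.c1023 tclass=capability'
)

AVC_RE = re.compile(
    r'type=AVC msg=audit\((?P<epoch>\d+)\.\d+:(?P<serial>\d+)\):\s+avc:\s+denied'
    r'\s+\{\s*(?P<perms>[^}]+?)\s*\}\s+for\s+(?P<fields>.*)'
)

def parse_avc(line):
    """Split one AVC denial into timestamp, permissions and key=value fields."""
    m = AVC_RE.search(line)
    if m is None:
        raise ValueError("not an AVC denial record")
    pairs = (kv.split("=", 1) for kv in m.group("fields").split() if "=" in kv)
    fields = dict(pairs)
    return {
        "time": datetime.fromtimestamp(int(m.group("epoch")), tz=timezone.utc),
        "serial": int(m.group("serial")),
        "perms": m.group("perms").split(),
        "comm": fields["comm"].strip('"'),
        "scontext": fields["scontext"],
        "tcontext": fields["tcontext"],
        "tclass": fields["tclass"],
    }

def domain_type(context):
    """Return the type field (third component) of user:role:type:range."""
    return context.split(":")[2]

def candidate_rule(rec):
    """Build the type-enforcement rule that would permit the denied access."""
    src = domain_type(rec["scontext"])
    # Identical source and target contexts mean the domain acts on itself.
    same = rec["scontext"] == rec["tcontext"]
    tgt = "self" if same else domain_type(rec["tcontext"])
    perms = rec["perms"]
    perm_text = perms[0] if len(perms) == 1 else "{ " + " ".join(perms) + " }"
    return f"allow {src} {tgt}:{rec['tclass']} {perm_text};"
```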
