-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Antonio Olivares wrote: > Dear all, > > after updating and getting the INIT: error that I had posted before, I can login by pressing enter and get X, however, when starting up I am greeted by setroubleshooter with some messages > > [olivares@localhost ~]$ cat /etc/fedora-release > Fedora release 8.90 (Rawhide) > [olivares@localhost ~]$ date > Sun Nov 11 10:40:25 CST 2007 > [olivares@localhost ~]$ > > I try to apply the fix suggested, but it does not seem to be working :( > > Summary > SELinux is preventing gdm (xdm_t) "execute" to <Unknown> (rpm_exec_t). > > Detailed Description > SELinux denied access requested by gdm. It is not expected that this access > is required by gdm and this access may signal an intrusion attempt. It is > also possible that the specific version or configuration of the application > is causing it to require additional access. > > Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for <Unknown>, restorecon -v > <Unknown> If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > > Additional Information > > Source Context system_u:system_r:xdm_t:SystemLow-SystemHigh > Target Context system_u:object_r:rpm_exec_t > Target Objects None [ file ] > Affected RPM Packages > Policy RPM selinux-policy-3.0.8-44.fc8 > Selinux Enabled True > Policy Type targeted > MLS Enabled True > Enforcing Mode Enforcing > Plugin Name plugins.catchall_file > Host Name localhost > Platform Linux localhost 2.6.23.1-42.fc8 #1 SMP Tue Oct 30 > 13:55:12 EDT 2007 i686 athlon > Alert Count 162 > First Seen Sun 11 Nov 2007 09:11:06 AM CST > Last Seen Sun 11 Nov 2007 10:36:27 AM CST > Local ID f3168196-46ac-4951-ab61-b3b218534bb2 > Line Numbers > > Raw Audit Messages > > avc: denied { execute } for comm=gdm dev=dm-0 name=rpm pid=8443 > scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=file > tcontext=system_u:object_r:rpm_exec_t:s0 > > > > > > Summary > SELinux is preventing gdm (xdm_t) "getattr" to /bin/rpm (rpm_exec_t). > > Detailed Description > SELinux denied access requested by gdm. It is not expected that this access > is required by gdm and this access may signal an intrusion attempt. It is > also possible that the specific version or configuration of the application > is causing it to require additional access. > > Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /bin/rpm, restorecon -v /bin/rpm > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > > Additional Information > > Source Context system_u:system_r:xdm_t:SystemLow-SystemHigh > Target Context system_u:object_r:rpm_exec_t > Target Objects /bin/rpm [ file ] > Affected RPM Packages rpm-4.4.2.2-7.fc9 [target] > Policy RPM selinux-policy-3.0.8-44.fc8 > Selinux Enabled True > Policy Type targeted > MLS Enabled True > Enforcing Mode Enforcing > Plugin Name plugins.catchall_file > Host Name localhost > Platform Linux localhost 2.6.23.1-42.fc8 #1 SMP Tue Oct 30 > 13:55:12 EDT 2007 i686 athlon > Alert Count 180 > First Seen Sun 11 Nov 2007 09:11:06 AM CST > Last Seen Sun 11 Nov 2007 10:36:27 AM CST > Local ID e1676a84-c6d0-45b8-97d7-c7cae2d755c1 > Line Numbers > > Raw Audit Messages > > avc: denied { getattr } for comm=gdm dev=dm-0 egid=0 euid=0 exe=/bin/bash > exit=-13 fsgid=0 fsuid=0 gid=0 items=0 path=/bin/rpm pid=8443 > scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 sgid=0 > subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 suid=0 tclass=file > tcontext=system_u:object_r:rpm_exec_t:s0 tty=(none) uid=0 > > > Thanks, > > Antonio > > > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > This looks like you are not logging in with the correct context. IE You are staying in the xdm_t context. id -Z Will show you what context you are logging in as. You should be unconfined_t. If this is true, I would guess you have a badly labeled system and you probably need to relabel touch /.autorelabel; reboot will fix the labeling. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHOKhOrlYvE4MpobMRAuTvAKCFLJLVmRKSGwe61gXDvMXUbxrgtgCgg8A0 CIoG4YHFOd45YF4deKAOE8I= =gHid -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
