On Fri, Aug 30, 2019 at 2:57 PM arnaud gaboury <arnaud.gaboury@xxxxxxxxx> wrote:
I run one Fedora Atomic 30 desktop and one server. I am lfet with two issues on these machines.1. On server:---------gabx@poppy➤➤ ~ % su
zsh: permission denied: su
gabx@poppy➤➤ ~ % sudo -i
[sudo] password for gabx:
root@poppy➤➤ ~ #-------------------------Is it the expected behavior? I could run su a few days ago.Below some info:----------# cat /etc/sudoersroot ALL=(ALL) ALL%wheel ALL=(ALL) ALL#includedir /etc/sudoers.d# cat /etc/sudoers.d/gabxgabx ALL=(ALL) TYPE=sysadm_t ROLE=sysadm_r ALL# semanage login -l
Login Name SELinux User MLS/MCS Range Service
__default__ unconfined_u s0-s0:c0.c1023 *
gabx sysadm_u s0-s0:c0.c1023 *
root system_u s0-s0:c0.c1023 *gabx@poppy➤➤ ~ % id -Z
sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023------------------------------------------------
NOTE:
after I fixed some SELinux warnings, I have now the following:
--------------------------
gabx@poppy➤➤ ~ % su -
zsh: segmentation fault su -
gabx@poppy➤➤ ~ % strace -o /tmp/u su
zsh: segmentation fault (core dumped) strace -o /tmp/u su
gabx@poppy➤➤ ~ % cat /tmp/u
execve("/usr/bin/su", ["su"], 0x7ffcb9fe7360 /* 29 vars */) = -1 EACCES (Permission denied)
+++ killed by SIGSEGV +++
zsh: segmentation fault su -
gabx@poppy➤➤ ~ % strace -o /tmp/u su
zsh: segmentation fault (core dumped) strace -o /tmp/u su
gabx@poppy➤➤ ~ % cat /tmp/u
execve("/usr/bin/su", ["su"], 0x7ffcb9fe7360 /* 29 vars */) = -1 EACCES (Permission denied)
+++ killed by SIGSEGV +++
.................................
2. On Silverblue desktop, I can't start the system anymore with selinux enforced. I had to edit kernel command line with selinux=0 to boot, then edit selinux config to disable.How can I debug and solve this issue?Thank you for help.
_______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx