Stanton Finley wrote:
Daniel J Walsh wrote:
What policy do you have installed and what AVC messages to you see in /var/log/audit/audit.log?
The policy is default enforcing and I have not modified this since the initial install. I have some messages such as "type=AVC msg=audit(1134058129.602:21): avc: denied { transition } for pid=3016 comm="yum" name="bash" dev=dm-0 ino=393269 scontext=root:system_r:xdm_t:s0-s0:c0.c255 tcontext=root:system_r:rpm_script_t:s0-s0:c0.c255 tclass=process" in /var/log/audit/audit.log.
Stanton Finley
http://stanton-finley.net/
Yes this caused because of a bug in policy.
When you log in you are not transitioning to the proper context. Your
shell is running as xdm_t instead of unconfined_t. If you
switch to a console login you should be able to login with the right
context and do a yum update.
This line
system_r:xdm_t:s0 system_r:unconfined_t:s0
Needs to be added to /etc/selinux/targeted/contexts/default_contexts
And then if you logout and log back you should get the correct context.
policy selinux-policy-targeted-2.1.0-3 fixes this problem.
--
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
https://www.redhat.com/mailman/listinfo/fedora-test-list