On Fri, 2011-09-16 at 11:58 -0400, Daniel J Walsh wrote: > On 09/16/2011 11:22 AM, Justin P. Mattock wrote: > > On 09/16/2011 07:59 AM, Daniel J Walsh wrote: > >> ps -eZ |grep sshd > > I dont have sshd running, but here is ps auxZ to give you an idea > > of what I am seeing: http://fpaste.org/u6IB/ > > > > if I adjust /etc/pam.d/login and add select_context to > > pam_selinux.so then do init 3 in lilo I am able to have the > > context justin:staff_r:staff_t:s0 the way it should. but as soon > > as I init 5 gdm starts up, and everything goes back to > > name:staff_r:insmod_t:s0 > > > > I think I am either missing a boolean to have the transisiton > > runing properly, and/or pam.d or some config file somewhere needs > > to be adjusted. keep in mind refpolicy has no patches added to > > it(not sure if I need any for systemd), just plain git pull > > etc... > > > > Justin P. Mattock > Well since you don't have a init_t running, I think your problem > starts there. Looks like your system is badly mislabeled or something > in init is broken. I take it this is not a Red Hat Based OS? I'd actually like to take this opportunity to stress once again that in my opinion the system boot/init process should fail irreversibly as soon as the init process has failed to transition to its own designated context from the initial kernel context. Regards, Guido -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
