Bug 480652

Summary: crashes on setenforce
Product: [Fedora] Fedora Reporter: Jeremy Katz <katzj>
Component: dbusAssignee: David Zeuthen <davidz>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: rawhideCC: davidz, dcantrell, dwalsh, mclasen, walters, walters
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-01-21 01:01:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 476773    

Description Jeremy Katz 2009-01-19 17:47:05 UTC 
Running 'setenforce 0' seems to crash the system message bus with today's rawhide.

Blocking F11Alpha as we have to do this for live installs to be able to do everything they need to do.
Comment 1 Colin Walters 2009-01-20 16:47:10 UTC 
I can't reproduce this; are you able to get a stack trace?
Comment 2 Colin Walters 2009-01-20 16:48:11 UTC 
Also at what stage does this occur?  Is this with the dbus run from the initrd?  Or at a later state?
Comment 3 Jeremy Katz 2009-01-20 17:34:46 UTC 
Desktop running from the livecd, start a terminal, run 'setenforce 0'.

This was with the livecd of yesterday as I haven't built one yet today.
Comment 4 Jeremy Katz 2009-01-20 18:00:10 UTC 
Dan -- is this something that you think might have gotten fixed in today's selinux-policy?  As it sort of looks like it could be back to working now.
Comment 5 Colin Walters 2009-01-20 18:21:47 UTC 
I can't think offhand of a way in which a selinux-policy change could cause dbus to crash.  However - dbus does link in libselinux because it acts as a userspace enforcer, and in fact the libselinux code is run when setenforce is invoked.
Comment 6 Colin Walters 2009-01-20 20:03:15 UTC 
I can't reproduce this from the rawhide-i686-20090119.0.iso either; should we remove this from the blocker list from now, and if it reappears in a repeatable way, readd to the blocker list?
Comment 7 Jesse Keating 2009-01-21 01:01:28 UTC 
We could just close it, and re-open if it happens again.
Comment 8 Daniel Walsh 2009-01-21 13:56:52 UTC 
There were a lot of breakages around handling polkit, so maybe this was causing the problem.
Comment 9 Colin Walters 2009-01-21 14:29:32 UTC 
We should strive to avoid the system bus crashing, at least up to a certain point.  If the SELinux policy changed to deny dbus from reading /etc or something, I could imagine we crash.  But if it's something less drastic it'd be good to know what it could be.
Comment 10 Daniel Walsh 2009-01-21 19:42:31 UTC 
It was denied access to /var/lib/misc/PolicyKit.reload 

I believe.