Bug 582923

Summary: can't set security context
Product: [Fedora] Fedora Reporter: Marcela Mašláňová <mmaslano>
Component: libselinuxAssignee: Daniel Walsh <dwalsh>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 14CC: dwalsh, jmccann, mgrepl, rstrode, tmraz
Target Milestone: ---Keywords: SELinux
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-07-27 13:22:06 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Marcela Mašláňová 2010-04-16 07:40:09 UTC 
After I gave correct password, I was asked 'Would you like to enter a security context? [N] I assumed that 'No' is default and simple enter log me in. That doesn't work. Also try to type N,n,Y,y, which doesn't work.
I was able to log in after 'setenforce 0' and give 'n' as answer to this question. I hope you change it to something more convenient because I still don't know what I have to do instead of switching selinux off. Better question or example of correct answer would be fine.
Comment 1 Ray Strode [halfline] 2010-04-20 14:42:58 UTC 
You shouldn't ever be asked that question.

How are you starting GDM?
Comment 2 Marcela Mašláňová 2010-04-21 06:08:09 UTC 
Boot into runlevel 3, as root run gdm.
Comment 3 Ray Strode [halfline] 2010-04-21 12:39:03 UTC 
ah yea, you're running gdm from an unconfined security context then.

It's caused by pam_selinux.  I talked to Dan about this before, and I think the consensus was that it basically shouldn't ever ask that question, and the only reason it does is for weird historical reasons.
Comment 4 Daniel Walsh 2010-04-21 14:28:45 UTC 
Marcela why are you running gdm by hand?  If you are debugging you need to attach to the process or put SELinux into permissive mode.
Comment 5 Marcela Mašláňová 2010-04-22 08:29:13 UTC 
(In reply to comment #4)
> Marcela why are you running gdm by hand?  If you are debugging you need to
> attach to the process or put SELinux into permissive mode.    

I don't use gdm on daily basis, so I don't care about solution. The warning could be confusing for a common user, that's all. I suppose mentioned selinux in this message could be a better hint.
Comment 6 Daniel Walsh 2010-04-22 11:38:39 UTC 
Of course the common user would not be running gdm by hand.  :^)
Comment 7 Bug Zapper 2010-07-30 11:22:24 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 14 development cycle.
Changing version to '14'.

More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 8 Daniel Walsh 2012-07-27 13:22:06 UTC 
Since this version of Fedora is no longer supported I am closing this bugs.  If you are still seeing this bug in a current version of fedora, please reopen the bugzilla with the appropriate version number.