Bug 1114192 - SELinux is preventing /usr/bin/sddm from 'write' accesses on the file .
Summary: SELinux is preventing /usr/bin/sddm from 'write' accesses on the file .
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: sddm
Version: 20
Hardware: x86_64
OS: Unspecified
Target Milestone: ---
Assignee: Martin Bříza
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: abrt_hash:998c0f988886d919e1817c6b163...
Depends On:
Blocks:
 
Reported: 2014-06-28 12:47 UTC by Juan Orti
Modified: 2014-10-31 02:43 UTC

Fixed In Version: sddm-0.9.0-2.20141007git6a28c29b.fc21
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-10-28 06:46:25 UTC
Type: ---
Embargoed:



Description Juan Orti 2014-06-28 12:47:58 UTC
Description of problem:
Just starting sddm:

systemctl enable --force sddm.service
systemctl start sddm.service
SELinux is preventing /usr/bin/sddm from 'write' accesses on the file .

*****  Plugin catchall_labels (83.8 confidence) suggests   *******************

If you want to allow sddm to have write access on the  file
Then necesita modificar la etiqueta en $FIX_TARGET_PATH
Do
# semanage fcontext -a -t FILE_TYPE '$FIX_TARGET_PATH'
donde FILE_TYPE es uno de los siguientes: afs_cache_t, anon_inodefs_t, auth_cache_t, auth_home_t, cache_home_t, cgroup_t, config_home_t, data_home_t, dbus_home_t, etc_runtime_t, faillog_t, fonts_cache_t, gconf_home_t, gnome_home_t, gstreamer_home_t, icc_data_home_t, initrc_tmp_t, initrc_var_run_t, krb5_host_rcache_t, lastlog_t, locale_t, mozilla_plugin_tmpfs_t, pam_var_console_t, pam_var_run_t, puppet_tmp_t, security_t, sysfs_t, systemd_passwd_var_run_t, user_cron_spool_t, user_fonts_t, user_tmp_t, user_tmpfs_t, var_auth_t, wtmp_t, xauth_home_t, xdm_home_t, xdm_lock_t, xdm_log_t, xdm_rw_etc_t, xdm_spool_t, xdm_tmp_t, xdm_tmpfs_t, xdm_var_lib_t, xdm_var_run_t, xkb_var_lib_t, xserver_log_t, xserver_tmpfs_t. 
Luego ejecute: 
restorecon -v '$FIX_TARGET_PATH'


*****  Plugin catchall (17.1 confidence) suggests   **************************

If cree que de manera predeterminada, sddm debería permitir acceso write sobre   file.     
Then debería reportar esto como un error.
Puede generar un módulo de política local para permitir este acceso.
Do
permita el acceso momentáneamente executando:
# grep sddm /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Context                system_u:object_r:etc_t:s0
Target Objects                 [ file ]
Source                        sddm
Source Path                   /usr/bin/sddm
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           sddm-0.2.0-0.16.20130914git50ca5b20.fc20.x86_64
Target RPM Packages           
Policy RPM                    selinux-policy-3.12.1-171.fc20.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     (removed)
Platform                      Linux (removed) 3.15.0-1.fc20.x86_64 #1 SMP Tue
                              Jun 17 21:48:04 CEST 2014 x86_64 x86_64
Alert Count                   1
First Seen                    2014-06-28 14:38:22 CEST
Last Seen                     2014-06-28 14:38:22 CEST
Local ID                      ed6cc9d8-ee0f-4517-be1e-872468db10d0

Raw Audit Messages
type=AVC msg=audit(1403959102.403:589): avc:  denied  { write } for  pid=3020 comm="sddm" name="sddm.conf" dev="sda2" ino=5050368 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=file


type=SYSCALL msg=audit(1403959102.403:589): arch=x86_64 syscall=open success=no exit=EACCES a0=7f8de526de28 a1=80042 a2=1b6 a3=4 items=0 ppid=1 pid=3020 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=6 comm=sddm exe=/usr/bin/sddm subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)

Hash: sddm,xdm_t,etc_t,file,write

Additional info:
reporter:       libreport-2.2.2
hashmarkername: setroubleshoot
kernel:         3.15.0-1.fc20.x86_64
type:           libreport
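
As an added example (not part of the original report, and not code from sddm or setroubleshoot), this Python snippet pairs the AVC and SYSCALL records quoted in the description by audit event ID and decodes the open(2) arguments. The function names are hypothetical and the flag table assumes x86_64 Linux values.

```python
import re

# Sample input: the AVC/SYSCALL pair from the description, SYSCALL trimmed to the fields used.
AVC = ('type=AVC msg=audit(1403959102.403:589): avc:  denied  { write } for  pid=3020 '
       'comm="sddm" name="sddm.conf" dev="sda2" ino=5050368 '
       'scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 '
       'tcontext=system_u:object_r:etc_t:s0 tclass=file')
SYSCALL = ('type=SYSCALL msg=audit(1403959102.403:589): arch=x86_64 syscall=open '
           'success=no exit=EACCES a0=7f8de526de28 a1=80042 a2=1b6 a3=4 '
           'comm=sddm exe=/usr/bin/sddm')

# open(2) flag bits on x86_64 Linux (assumption: asm-generic/fcntl.h values).
ACCESS_MODES = {0: "O_RDONLY", 1: "O_WRONLY", 2: "O_RDWR"}
OPEN_FLAGS = {0o100: "O_CREAT", 0o200: "O_EXCL", 0o1000: "O_TRUNC",
              0o2000: "O_APPEND", 0o2000000: "O_CLOEXEC"}

def parse_record(line):
    """Return (event_id, fields) for one audit record line."""
    event_id = re.search(r"msg=audit\(([\d.]+:\d+)\)", line).group(1)
    fields = {k: v.strip('"') for k, v in re.findall(r'(\w+)=("[^"]*"|\S+)', line)}
    perms = re.search(r"\{ ([^}]*) \}", line)  # permission set, AVC records only
    if perms:
        fields["perms"] = perms.group(1).split()
    return event_id, fields

def decode_open_flags(a1_hex):
    """Decode the hex flags argument (a1) of an open(2) SYSCALL record."""
    value = int(a1_hex, 16)
    names = [ACCESS_MODES.get(value & 3, "invalid access mode")]
    names += [name for bit, name in sorted(OPEN_FLAGS.items()) if value & bit]
    return names

def summarize(avc_line, syscall_line):
    """Join an AVC denial with the SYSCALL record of the same audit event."""
    avc_id, avc = parse_record(avc_line)
    sc_id, sc = parse_record(syscall_line)
    if avc_id != sc_id:
        raise ValueError("records belong to different audit events")
    return {
        "source_type": avc["scontext"].split(":")[2],
        "target_type": avc["tcontext"].split(":")[2],
        "tclass": avc["tclass"], "perms": avc["perms"], "file": avc["name"],
        "open_flags": decode_open_flags(sc["a1"]),
        "mode": oct(int(sc["a2"], 16)),  # a2 is the creation mode, logged in hex
    }

if __name__ == "__main__":
    print(summarize(AVC, SYSCALL))
```

The decoded flags show that the denied call was a read-write open with O_CREAT on sddm.conf, made from the xdm_t domain against a file labeled etc_t.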

Comment 1 Daniel Walsh 2014-07-14 13:16:28 UTC
Why does sddm write to its config file?

Comment 2 Rex Dieter 2014-07-14 13:34:10 UTC
The old version of sddm did that to record LastUser, but I believe the latest version does not do that anymore.  Please upgrade to at least,
https://admin.fedoraproject.org/updates/FEDORA-2014-7755/sddm-0.2.0-0.31.20140627gitf49c2c79.fc20

and retest please.

Comment 3 Juan Orti 2014-07-15 17:03:23 UTC
It has happened again:

# rpm -q sddm
sddm-0.2.0-0.31.20140627gitf49c2c79.fc20.x86_64


SELinux is preventing /usr/bin/sddm from write access on the file .

*****  Plugin catchall_labels (83.8 confidence) suggests   *******************

If you want to allow sddm to have write access on the  file
Then necesita modificar la etiqueta en $FIX_TARGET_PATH
Do
# semanage fcontext -a -t FILE_TYPE '$FIX_TARGET_PATH'
donde FILE_TYPE es uno de los siguientes: afs_cache_t, anon_inodefs_t, auth_cache_t, auth_home_t, cache_home_t, cgroup_t, config_home_t, data_home_t, dbus_home_t, etc_runtime_t, faillog_t, fonts_cache_t, gconf_home_t, gnome_home_t, gstreamer_home_t, icc_data_home_t, initrc_tmp_t, initrc_var_run_t, krb5_host_rcache_t, lastlog_t, locale_t, mozilla_plugin_tmpfs_t, pam_var_console_t, pam_var_run_t, puppet_tmp_t, security_t, sysfs_t, systemd_passwd_var_run_t, user_cron_spool_t, user_fonts_t, user_tmp_t, user_tmpfs_t, var_auth_t, wtmp_t, xauth_home_t, xdm_home_t, xdm_lock_t, xdm_log_t, xdm_rw_etc_t, xdm_spool_t, xdm_tmp_t, xdm_tmpfs_t, xdm_var_lib_t, xdm_var_run_t, xkb_var_lib_t, xserver_log_t, xserver_tmpfs_t. 
Luego ejecute: 
restorecon -v '$FIX_TARGET_PATH'


*****  Plugin catchall (17.1 confidence) suggests   **************************

If cree que de manera predeterminada, sddm debería permitir acceso write sobre   file.     
Then debería reportar esto como un error.
Puede generar un módulo de política local para permitir este acceso.
Do
permita el acceso momentáneamente executando:
# grep sddm /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Context                system_u:object_r:etc_t:s0
Target Objects                 [ file ]
Source                        sddm
Source Path                   /usr/bin/sddm
Port                          <Unknown>
Host                          <removed>
Source RPM Packages           sddm-0.2.0-0.31.20140627gitf49c2c79.fc20.x86_64
Target RPM Packages           
Policy RPM                    selinux-policy-3.12.1-176.fc20.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     <removed>
Platform                      Linux <removed>
                              3.15.4-200.1.fc20.1.x86_64 #1 SMP Fri Jul 11
                              14:02:03 CEST 2014 x86_64 x86_64
Alert Count                   1
First Seen                    2014-07-15 18:58:50 CEST
Last Seen                     2014-07-15 18:58:50 CEST
Local ID                      9b88a9a8-9e8a-4a29-a6a5-99c708581b39

Raw Audit Messages
type=AVC msg=audit(1405443530.128:788): avc:  denied  { write } for  pid=1804 comm="sddm" name="sddm.conf" dev="sda2" ino=7793701 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=file


type=SYSCALL msg=audit(1405443530.128:788): arch=x86_64 syscall=open success=no exit=EACCES a0=7f4d5da27e48 a1=80042 a2=1b6 a3=4 items=0 ppid=1 pid=1804 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=sddm exe=/usr/bin/sddm subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)

Hash: sddm,xdm_t,etc_t,file,write

Comment 4 Rex Dieter 2014-07-15 17:15:40 UTC
To be sure, did you reboot since upgrading sddm?  (if not, please do... if you did, then never mind)

Comment 5 Juan Orti 2014-07-15 17:51:28 UTC
I have received the same SELinux alert after a reboot.

Comment 6 Orion Poplawski 2014-07-25 20:47:55 UTC
Seeing this on fresh F21 install

sddm-0.2.0-0.31.20140627gitf49c2c79.fc21.x86_64

Comment 7 Andrei Amuraritei 2014-10-06 14:14:52 UTC
Description of problem:
Install sddm from dvratil/plasma-5 copr repo. Start with systemctl start sddm, get a blinking cursor on black tty. After a few seconds sddm shows.
Disabling SELinux or setting a manual policy according to the abrt solution fixes this.

Also same behavior on Fedora 21 Alpha.

Additional info:
reporter:       libreport-2.2.3
hashmarkername: setroubleshoot
kernel:         3.16.3-200.fc20.x86_64
type:           libreport

Comment 8 Fedora Update System 2014-10-07 09:26:21 UTC
sddm-0.9.0-1.20141007git6a28c29b.fc21 has been submitted as an update for Fedora 21.
https://admin.fedoraproject.org/updates/sddm-0.9.0-1.20141007git6a28c29b.fc21

Comment 9 Fedora Update System 2014-10-07 09:27:25 UTC
sddm-0.9.0-1.20141007git6a28c29b.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/sddm-0.9.0-1.20141007git6a28c29b.fc20

Comment 10 Fedora Update System 2014-10-07 09:28:17 UTC
sddm-0.9.0-1.20141007git6a28c29b.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/sddm-0.9.0-1.20141007git6a28c29b.fc19

Comment 11 Fedora Update System 2014-10-08 18:57:45 UTC
Package sddm-0.9.0-1.20141007git6a28c29b.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing sddm-0.9.0-1.20141007git6a28c29b.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2014-12308/sddm-0.9.0-1.20141007git6a28c29b.fc20
then log in and leave karma (feedback).

Comment 12 Fedora Update System 2014-10-28 06:46:25 UTC
sddm-0.9.0-2.20141007git6a28c29b.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 13 Fedora Update System 2014-10-31 02:43:06 UTC
sddm-0.9.0-2.20141007git6a28c29b.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

