On Út, 2015-02-24 at 10:42 +0100, Hans de Goede wrote: > Hi all, > > Debugging this took me ages, so I thought I would share this with you, > with the new gdm on wayland landed in F-22 recently Xorg gets started > as a regular user. > > This is a good thing as we want to move to Xorg running as a regular user, > but we're not 100% there yet, so currently Xorg is still suid-root, and > needs those root rights to function properly. > > But when fips is enabled either on the kernel commandline or a /etc/system-fips > file exists one of the libraries X is using is dropping the root rights at > early library init and things fail. > > So if X is not working for you all of a sudden, make sure you do not have > fips enabled on the kernel commandline, and remove any /etc/system-fips > file you may have. This is unintended side-effect of running the FIPS selftest in the libgcrypt constructor, we need to fix that. Please open a new bug against libgcrypt so the bug fix is tracked.
Proposed as a Blocker for 22-beta by Fedora user pbrobinson using the blocker tracking app because: Stops core desktop working when FIPS is enabled
Is FIPS mode a blocker ? (if so, under what criteria?)
This should be fixed in rawhide and recent F22 update in testing.
Also I do not think FIPS mode regression should be a release blocker.