Bug 1244573 - xrdp binaries labelled incorrectly, this prevents service start under systemd
Summary: xrdp binaries labelled incorrectly, this prevents service start under systemd
Keywords:
Status: CLOSED DUPLICATE of bug 1177202
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 22
Hardware: All
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Lukas Vrabec
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 1258453
TreeView+ depends on / blocked
 
Reported: 2015-07-20 03:21 UTC by Bojan Smojver
Modified: 2016-05-03 15:00 UTC (History)
5 users (show)

Fixed In Version:
Clone Of:
: 1258453 (view as bug list)
Environment:
Last Closed: 2016-05-03 15:00:07 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Bojan Smojver 2015-07-20 03:21:34 UTC 
Description of problem:

$ grep xrdp /etc/selinux/targeted/contexts/files/file_contexts
/usr/sbin/xrdp	--	system_u:object_r:unconfined_exec_t:s0
/usr/sbin/xrdp-sesman	--	system_u:object_r:unconfined_exec_t:s0


Version-Release number of selected component (if applicable):
selinux-policy-targeted-3.13.1-128.6.fc22.noarch

How reproducible:
Always.

Steps to Reproduce:
1. xrdp.service fails to start when SELinux is in enforcing mode.

Actual results:
No start.

Expected results:
Should start?

Additional info:

This makes it work:

# chcon -t bin_t /usr/sbin/xrdp
# chcon -t bin_t /usr/sbin/xrdp-sesman
Comment 1 Bojan Smojver 2015-08-18 22:33:26 UTC 
Reassigning in the hope of getting some feedback and getting this fixed.
Comment 2 Lukas Vrabec 2015-08-31 12:17:24 UTC 
Hi, 

We should create a new policy for this daemon.
Comment 3 Lukas Vrabec 2016-05-03 15:00:07 UTC 

*** This bug has been marked as a duplicate of bug 1177202 ***
Note You need to log in before you can comment on or make changes to this bug.