Created attachment 1078284 [details] Journal log after systemctl restart gdm Description of problem: I installed a clean F23 beta machine, then used dnf system upgrade to try and move up to Rawhide. When I rebooted the system, I got the 'Oh no! Something has gone wrong' screen, which repeats if I try and relaunch GDM. Setting 'setenforce 0', or setting selinux to permissive in the config allows everything to work normally. I have tried relabelling the filesystem. Version-Release number of selected component (if applicable): Rawhide as of 2015-09-28, precise version numbers to follow if required. How reproducible: Always Steps to Reproduce: Install F23 Beta from ISO. Perform dnf system-upgrade to Rawhide and reboot. Actual results: GDM Fails to start with an "Oops, something went wrong." screen. Expected results: GDM to start normally. Additional Info: Setting setenforce 0 from a tty allows GDM to start. Attached is a journal with all AVCs shown (I disabled dontaudit with semodule -DB).
Hi, Could you attach also /var/log/audit/audit.log file? Thank you.
It relates with security classes changes. We should have a fix in libselinux and we should require a new libselinux in the policy. Richard, could you try to execute # dnf update libselinux to see if it fixes your issue. Thank you.
*** Bug 1265913 has been marked as a duplicate of this bug. ***
And also run # systemctl daemon-reexec
I can't see any difference with latest libselinux. $ rpm -q libselinux libselinux-2.4-4.fc24.x86_64
No difference for me either.
I might add that the title is misleading, this occurred for me during a routine update of a rawhide install from a rawhide boot.iso. Both of my two active installs have this issue. libselinux-2.4-4 and daemon-reexec have had no effect.
Yes, I installed originally from one of the early F23 pre-Alpha images, so this is unlikely to depend on how the installation happened. Changing title.
Also removing needinfo since it's pretty clear the problem is not fixed.
Created attachment 1079323 [details] an audit.log Well, an audit.log was asked for in the needinfo. Given that the original reporter has said nothing more, I will provide my own.
Created attachment 1079324 [details] /var/log/audit/audit.log Just noticed that one of the two needinfos I just cancelled was associated with Comment 1 (request for /var/log/audit/audit.log ). Attaching mine.
Ok I added additiona fixes to rawhide. https://github.com/fedora-selinux/selinux-policy/commit/5aad18c3bcf173f58ab515321f2e6b6ae5570bb0 which fixes this issue for me.
$ rpm -q selinux-policy selinux-policy-3.13.1-151.fc24.noarch The above version works for me.
Thank you for testing.