Created attachment 1121614 [details]
sealert of xlogin

Description of problem:

Version-Release number of selected component (if applicable):
xlogin-0-0.1.20160114git97667d7.fc23.noarch

How reproducible:
yes

Steps to Reproduce:
1. systemctl enable xlogin@user
2. ln -s /etc/X11/xinit/xinitrc /home/user/.xinitrc
3. reboot

Actual results:
graphical login does not work, see attached logs

Expected results:
user is automatically logged into X

Additional info:
see attached logs
https://github.com/joukewitteveen/xlogin/issues/10

# journalctl --since today -r |grep xlogin
Feb 06 11:17:16 poldy systemd[1]: xlogin: Failed with result 'exit-code'.
Feb 06 11:17:16 poldy systemd[1]: xlogin: Unit entered failed state.
Feb 06 11:17:16 poldy systemd[1]: xlogin: Main process exited, code=exited, status=203/EXEC
Feb 06 11:17:16 poldy systemd[963]: xlogin: Failed at step EXEC spawning /usr/bin/bash: Permission denied
Feb 06 11:17:16 poldy audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Feb 06 11:17:16 poldy audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Feb 06 11:16:26 poldy systemd[1]: Stopping system-xlogin.slice.
Feb 06 11:16:26 poldy systemd[1]: Removed slice system-xlogin.slice.
Feb 06 11:14:24 poldy systemd[1]: xlogin: Failed with result 'exit-code'.
Feb 06 11:14:24 poldy systemd[1]: xlogin: Unit entered failed state.
Feb 06 11:14:24 poldy systemd[1]: xlogin: Main process exited, code=exited, status=203/EXEC
Feb 06 11:14:24 poldy systemd[963]: xlogin: Failed at step EXEC spawning /usr/bin/bash: Permission denied
Feb 06 11:14:24 poldy audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Feb 06 11:14:24 poldy audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Feb 06 11:13:36 poldy systemd[1]: Stopping system-xlogin.slice.
Feb 06 11:13:36 poldy systemd[1]: Removed slice system-xlogin.slice.

# journalctl --since today -r |grep bash
Feb 06 11:17:16 poldy python3[1002]: SELinux is preventing (bash) from using the transition access on a process.
If you believe that (bash) should be allowed transition access on processes labeled unconfined_t by default.
# grep (bash) /var/log/audit/audit.log | audit2allow -M mypol
Feb 06 11:17:16 poldy setroubleshoot[1002]: SELinux is preventing (bash) from using the transition access on a process. For complete SELinux messages. run sealert -l 37be6b0d-fc58-4eb4-81cb-add09f70c136
Feb 06 11:17:16 poldy systemd[963]: xlogin: Failed at step EXEC spawning /usr/bin/bash: Permission denied
Feb 06 11:17:16 poldy audit[963]: AVC avc: denied { transition } for pid=963 comm="(bash)" path="/usr/bin/bash" dev="sda4" ino=1442241 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process permissive=0
Feb 06 11:14:24 poldy python3[989]: SELinux is preventing (bash) from using the transition access on a process.
If you believe that (bash) should be allowed transition access on processes labeled unconfined_t by default.
# grep (bash) /var/log/audit/audit.log | audit2allow -M mypol
Feb 06 11:14:24 poldy setroubleshoot[989]: SELinux is preventing (bash) from using the transition access on a process. For complete SELinux messages. run sealert -l 37be6b0d-fc58-4eb4-81cb-add09f70c136
Feb 06 11:14:24 poldy systemd[963]: xlogin: Failed at step EXEC spawning /usr/bin/bash: Permission denied
Feb 06 11:14:24 poldy audit[963]: AVC avc: denied { transition } for pid=963 comm="(bash)" path="/usr/bin/bash" dev="sda4" ino=1442241 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process permissive=0
Can we allow xlogin (via bash) in selinux-policy by default?
What does

$ sesearch -A -s init_t -t unconfined_t -c process

show on your system?
$ sesearch -A -s init_t -t unconfined_t -c process
Found 4 semantic av rules:
   allow domain unconfined_t : process sigchld ;
   allow init_t domain : process { sigchld sigkill sigstop signull signal getpgid getattr } ;
   allow unconfined_domain_type domain : process { fork sigchld sigkill sigstop signull signal getsched setsched getsession getpgid setpgid getcap setcap share getattr setexec setfscreate noatsecure siginh setrlimit rlimitinh setcurrent setkeycreate setsockcreate ptrace_child } ;
   allow unconfined_domain_type domain : process ptrace ;
OK and

$ rpm -q selinux-policy-targeted

?
$ rpm -q selinux-policy-targeted
selinux-policy-targeted-3.13.1-158.6.fc23.noarch
We have fixes in Rawhide. Could you try to test it with the following local policy

# cat mypol.cil
(allow init_t unconfined_t (process (transition)))

# semodule -i mypol.cil
Sorry for my delayed response, I'll come back to this RFE later.
Still an issue for me.

selinux-policy-3.13.1-158.11.fc23.noarch
selinux-policy-targeted-3.13.1-158.11.fc23.noarch
xlogin-0-0.1.20160114git97667d7.fc23.noarch

(In reply to Miroslav Grepl from comment #6)
> We have fixes in Rawhide. Could you try to test it with the following local
> policy

# echo '(allow init_t unconfined_t (process (transition)))' >/tmp/mypol.cli && semodule -i /tmp/mypol.cli
libsemanage.semanage_pipe_data: Child process /usr/libexec/selinux/hll/cli failed with code: 1. (No such file or directory).
mypol: libsemanage.semanage_pipe_data: Unable to execute /usr/libexec/selinux/hll/cli : No such file or directory
mypol: (No such file or directory).
libsemanage.semanage_direct_commit: Failed to compile hll files into cil files. (No such file or directory).
semodule: Failed!

# LC_ALL=C dnf install /usr/libexec/selinux/hll/cli
Last metadata expiration check: 0:48:53 ago on Wed Mar 30 16:09:41 2016.
No package /usr/libexec/selinux/hll/cli available.
Error: Unable to find a match.

# LC_ALL=C dnf whatprovides /usr/libexec/selinux/hll/cli
Last metadata expiration check: 0:49:13 ago on Wed Mar 30 16:09:41 2016.
Error: No Matches found
If of any help:

# journalctl |grep xlogin
Feb 06 11:13:36 poldy systemd[1]: Removed slice system-xlogin.slice.
Feb 06 11:13:36 poldy systemd[1]: Stopping system-xlogin.slice.
Feb 06 11:14:24 poldy audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Feb 06 11:14:24 poldy audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Feb 06 11:14:24 poldy systemd[963]: xlogin: Failed at step EXEC spawning /usr/bin/bash: Permission denied
Feb 06 11:14:24 poldy systemd[1]: xlogin: Main process exited, code=exited, status=203/EXEC
Feb 06 11:14:24 poldy systemd[1]: xlogin: Unit entered failed state.
Feb 06 11:14:24 poldy systemd[1]: xlogin: Failed with result 'exit-code'.
Feb 06 11:16:26 poldy systemd[1]: Removed slice system-xlogin.slice.
Feb 06 11:16:26 poldy systemd[1]: Stopping system-xlogin.slice.
Feb 06 11:17:16 poldy audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Feb 06 11:17:16 poldy audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Feb 06 11:17:16 poldy systemd[963]: xlogin: Failed at step EXEC spawning /usr/bin/bash: Permission denied
Feb 06 11:17:16 poldy systemd[1]: xlogin: Main process exited, code=exited, status=203/EXEC
Feb 06 11:17:16 poldy systemd[1]: xlogin: Unit entered failed state.
Feb 06 11:17:16 poldy systemd[1]: xlogin: Failed with result 'exit-code'.
Feb 06 13:40:51 poldy systemd[1]: Removed slice system-xlogin.slice.
Feb 06 13:40:51 poldy systemd[1]: Stopping system-xlogin.slice.
Mär 30 09:59:46 poldy audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Mär 30 09:59:46 poldy audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Mär 30 09:59:46 poldy systemd[1060]: xlogin: Failed at step EXEC spawning /usr/bin/bash: Permission denied
Mär 30 09:59:46 poldy systemd[1]: xlogin: Main process exited, code=exited, status=203/EXEC
Mär 30 09:59:46 poldy systemd[1]: xlogin: Unit entered failed state.
Mär 30 09:59:46 poldy systemd[1]: xlogin: Failed with result 'exit-code'.
Could you test it with

$ cat mypol.te
policy_module(mypol, 1.0)

require{
 type init_t;
 type unconfined_t;
}

allow init_t unconfined_t:process transition;

And run

# make -f /usr/share/selinux/devel/Makefile mypol.pp
# semodule -i mypol.pp

Thank you.
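An added example, not part of the original thread: a small Python parser that turns the AVC denial quoted in this report into the two local-policy forms suggested above (the CIL rule and the `.te` module), and skips the `USER_AVC` "Unknown permission" records that are not denials. The function names are this example's own; the two sample lines are copied from the logs on this page.

```python
import re
from collections import defaultdict

# Sample lines copied from the journal and ausearch output quoted in this report.
DENIAL = ('Feb 06 11:17:16 poldy audit[963]: AVC avc: denied { transition } for '
          'pid=963 comm="(bash)" path="/usr/bin/bash" dev="sda4" ino=1442241 '
          'scontext=system_u:system_r:init_t:s0 '
          'tcontext=unconfined_u:unconfined_r:unconfined_t:s0 '
          'tclass=process permissive=0')
USER_AVC = ("type=USER_AVC msg=audit(1468350001.520:216): pid=1 uid=0 "
            "auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 "
            "msg='Unknown permission start for class system "
            "exe=\"/usr/lib/systemd/systemd\" sauid=0 hostname=? addr=? terminal=?'")

_DENIED = re.compile(r'avc:\s+denied\s+\{\s*([^}]*?)\s*\}')
_FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return the denial as a dict, or None if the line is not an AVC denial."""
    m = _DENIED.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in _FIELD.findall(line[m.end():])}
    if not {'scontext', 'tcontext', 'tclass'} <= fields.keys():
        return None
    return {
        'perms': m.group(1).split(),
        # A context is user:role:type:level; the type is what policy rules name.
        'source': fields['scontext'].split(':')[2],
        'target': fields['tcontext'].split(':')[2],
        'tclass': fields['tclass'],
        'permissive': fields.get('permissive') == '1',
    }

def collect(lines):
    """Merge denials into {(source, target, class): set(perms)}."""
    rules = defaultdict(set)
    for line in lines:
        d = parse_avc(line)
        if d:
            rules[(d['source'], d['target'], d['tclass'])].update(d['perms'])
    return rules

def to_cil(rules):
    """One CIL allow statement per (source, target, class)."""
    return ['(allow %s %s (%s (%s)))' % (s, t, c, ' '.join(sorted(p)))
            for (s, t, c), p in sorted(rules.items())]

def to_te(rules, name='mypol'):
    """A .te module in the same shape as the one posted in this thread."""
    types = sorted({x for (s, t, _c) in rules for x in (s, t)})
    out = ['policy_module(%s, 1.0)' % name, 'require {']
    out += ['    type %s;' % t for t in types]
    out.append('}')
    for (s, t, c), p in sorted(rules.items()):
        perms = sorted(p)
        body = perms[0] if len(perms) == 1 else '{ %s }' % ' '.join(perms)
        out.append('allow %s %s:%s %s;' % (s, t, c, body))
    return '\n'.join(out)

if __name__ == '__main__':
    found = collect([DENIAL, USER_AVC])
    print('\n'.join(to_cil(found)))
    print(to_te(found))
```

When saving the CIL form, the file name must end in `.cil`: the `semodule` error reported earlier in this thread shows it looking for a compiler at `/usr/libexec/selinux/hll/cli`, named after the `.cli` extension of the file it was given.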
Your suggestion from comment #10 changes the EXEC fail into a PAM fail.

# journalctl -b |grep xlogin
Mai 08 23:21:09 builder24 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@builder comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Mai 08 23:21:09 builder24 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@builder comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Mai 08 23:21:09 builder24 systemd[854]: xlogin: Failed at step PAM spawning /usr/bin/bash: Operation not permitted
Mai 08 23:21:09 builder24 systemd[1]: xlogin: Main process exited, code=exited, status=224/PAM
Mai 08 23:21:09 builder24 systemd[1]: xlogin: Unit entered failed state.
Mai 08 23:21:09 builder24 systemd[1]: xlogin: Failed with result 'exit-code'.

# journalctl -u xlogin@builder
-- Logs begin at So 2016-04-24 20:22:30 CEST, end at So 2016-05-08 23:31:29 CEST. --
Mai 08 23:21:09 builder24 systemd[1]: Started Direct X login for user builder.
Mai 08 23:21:09 builder24 systemd[854]: pam_console(login:session): Could not open lock file /var/run/console/builder, disallowing console access
Mai 08 23:21:09 builder24 systemd[854]: pam_selinux(login:session): Failed to compute new context for /dev/tty7: Permission denied
Mai 08 23:21:09 builder24 systemd[1]: xlogin: Main process exited, code=exited, status=224/PAM
Mai 08 23:21:09 builder24 systemd[1]: xlogin: Unit entered failed state.
Mai 08 23:21:09 builder24 systemd[1]: xlogin: Failed with result 'exit-code'.
Ping, any news here?
(In reply to Raphael Groner from comment #12)
> Ping, any news here?

What policy package version are you running now?

allow init_t login_userdomain : process { transition sigchld noatsecure } ;

Is included in the latest rawhide build
xlogin-0-0.1.20160114git97667d7.fc23.noarch
selinux-policy-3.13.1-158.15.fc23.noarch

Jul 12 20:34:51 poldy audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Jul 12 20:34:51 poldy audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@raphael comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Jul 12 20:34:51 poldy systemd[1066]: xlogin: Failed at step EXEC spawning /usr/bin/bash: Permission denied
Jul 12 20:34:51 poldy systemd[1]: xlogin: Unit entered failed state.
Jul 12 20:34:51 poldy systemd[1]: xlogin: Failed with result 'exit-code'.
xlogin-0-0.1.20160114git97667d7.fc24.noarch
selinux-policy-3.13.1-191.5.fc24.noarch

Jul 12 21:10:21 fedora24lxqt systemd[1]: Created slice system-xlogin.slice.
Jul 12 21:10:21 fedora24lxqt audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@test comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Jul 12 21:10:21 fedora24lxqt systemd[1129]: xlogin: Failed at step PAM spawning /usr/bin/bash: Operation not permitted
Jul 12 21:10:21 fedora24lxqt systemd[1]: xlogin: Main process exited, code=exited, status=224/PAM
Jul 12 21:10:21 fedora24lxqt audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xlogin@test comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Jul 12 21:10:21 fedora24lxqt systemd[1]: xlogin: Unit entered failed state.
Jul 12 21:10:21 fedora24lxqt systemd[1]: xlogin: Failed with result 'exit-code'.
Could you attach audit logs? (/var/log/audit/audit.log) Thank you.
(In reply to Lukas Vrabec from comment #16)
> Could you attach audit logs? (/var/log/audit/audit.log)
>
> Thank you.

Can I grep it for something? The log files here are several MB in size.
You can run:

# cat /var/log/audit/audit.log | grep AVC
You can use the ausearch tool to filter audit events based on time and type, e.g.:

# ausearch -m avc,user_avc,selinux_err -ts 07/12/2016 21:00:00 -te 07/12/2016 22:00:00
Created attachment 1179213 [details]
audit-AVC.log

Fedora 23:
$ grep AVC /var/log/audit/audit.log
(In reply to Petr Lautrbach from comment #19)
> You can use ausearch tool to filter audit events based on time and type,
> e.g.:
>
> # ausearch -m avc,user_avc,selinux_err -ts 07/12/2016 21:00:00 -te
> 07/12/2016 22:00:00

# ausearch -m avc,user_avc,selinux_err -ts 07/12/2016 21:00:00 -te 07/12/2016 22:00:00
Error parsing start date (07/12/2016)
# ausearch -m avc,user_avc,selinux_err -ts 07.12.2016 21:00:00 -te 07.12.2016 22:00:00
<no matches>
# ausearch -m avc,user_avc,selinux_err -ts 2016-07-12 21:00:00 -te 2016-07-12 22:00:00
Invalid start date (2016-07-12). Month, Day, and Year are required.
(In reply to Raphael Groner from comment #21)
> # ausearch -m avc,user_avc,selinux_err -ts 07/12/2016 21:00:00 -te
> 07/12/2016 22:00:00
> Error parsing start date (07/12/2016)
> # ausearch -m avc,user_avc,selinux_err -ts 07.12.2016 21:00:00 -te
> 07.12.2016 22:00:00
> <no matches>
> # ausearch -m avc,user_avc,selinux_err -ts 2016-07-12 21:00:00 -te
> 2016-07-12 22:00:00
> Invalid start date (2016-07-12). Month, Day, and Year are required.

The format of -ts and -te depends on your current locale. Try 'date +%x' to get the right format or use

LC_ALL=en_US.UTF-8 ausearch -m avc,user_avc,selinux_err -ts 07/12/2016 21:00:00 -te 07/12/2016 22:00:00
poldy is the Fedora 23 machine from comment #14.

[root@poldy ~]# LC_ALL=en_US.UTF-8 ausearch -m avc,user_avc,selinux_err -ts 07/12/2016 20:00:00 -te 07/12/2016 22:00:00
----
time->Tue Jul 12 21:00:01 2016
type=USER_AVC msg=audit(1468350001.520:216): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:00:01 2016
type=USER_AVC msg=audit(1468350001.521:217): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:00:01 2016
type=USER_AVC msg=audit(1468350001.537:218): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:00:01 2016
type=USER_AVC msg=audit(1468350001.542:219): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:00:01 2016
type=USER_AVC msg=audit(1468350001.594:231): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:00:01 2016
type=USER_AVC msg=audit(1468350001.595:232): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:15:01 2016
type=USER_AVC msg=audit(1468350901.619:251): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:15:01 2016
type=USER_AVC msg=audit(1468350901.638:252): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:15:01 2016
type=USER_AVC msg=audit(1468350901.639:253): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:15:01 2016
type=USER_AVC msg=audit(1468350901.643:254): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:15:01 2016
type=USER_AVC msg=audit(1468350901.693:266): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:15:01 2016
type=USER_AVC msg=audit(1468350901.693:267): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:19:17 2016
type=USER_AVC msg=audit(1468351157.468:272): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:19:17 2016
type=USER_AVC msg=audit(1468351157.469:273): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:30:01 2016
type=USER_AVC msg=audit(1468351801.705:283): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:30:01 2016
type=USER_AVC msg=audit(1468351801.706:284): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:30:01 2016
type=USER_AVC msg=audit(1468351801.724:285): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:30:01 2016
type=USER_AVC msg=audit(1468351801.729:286): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:30:01 2016
type=USER_AVC msg=audit(1468351801.771:298): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:30:01 2016
type=USER_AVC msg=audit(1468351801.771:299): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:45:01 2016
type=USER_AVC msg=audit(1468352701.788:307): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:45:01 2016
type=USER_AVC msg=audit(1468352701.788:308): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:45:01 2016
type=USER_AVC msg=audit(1468352701.803:309): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:45:01 2016
type=USER_AVC msg=audit(1468352701.807:310): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission start for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:45:01 2016
type=USER_AVC msg=audit(1468352701.844:322): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
----
time->Tue Jul 12 21:45:01 2016
type=USER_AVC msg=audit(1468352701.844:323): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Ping? Any news here?
Raphael,

Do you have the latest selinux-policy package installed? It looks like all AVCs are fixed.
My apologies for the delayed answer. Because of a lack of time, I must postpone the verification with the latest selinux-policy package.
See also bug 1404667. I'm thinking about orphaning xlogin because I really lack the free time to actively maintain it.
Closing, I orphaned xlogin.