Bug 179011 - Remove pam_console_apply from init script
Remove pam_console_apply from init script
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: initscripts (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Bill Nottingham
Brock Organ
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-01-26 10:51 EST by Daniel Walsh
Modified: 2014-03-16 22:57 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-01-31 16:31:23 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Daniel Walsh 2006-01-26 10:51:16 EST
Description of problem:

pam_console_apply is no longer needed in rc.sysinit since udev is creating the
/dev directory freshly on reboot. 

This is causing some bogus avc messages.
Comment 1 Bill Nottingham 2006-01-26 11:23:48 EST
What happens if you have unclean shutdown, and there's a leftover console lock
entry when udev runs on startup?
Comment 2 Nalin Dahyabhai 2006-01-26 13:50:18 EST
The pam_console_apply helper doesn't clean up the lock; rc.sysinit will continue
to clear the lock, and udev will function as it does now.  But calling
pam_console_apply to reset permissions on devices which the user might have
owned when the reset button was pressed became unnecessary when we made /dev
non-persistent.
Comment 3 Bill Nottingham 2006-01-26 15:36:31 EST
What I'm trying to say is that the lock is there *when udev starts on boot* from
before the reset button was pressed - is udev using this stale information when
it recreates the devices?
Comment 4 Nalin Dahyabhai 2006-01-26 16:46:40 EST
Oh, I see what you mean now.  I don't see any calls to udev in the mkinitrd
script.  Are we still calling udev before rc.sysinit, or am I missing part of
the boot process?
Comment 5 Bill Nottingham 2006-01-27 13:27:35 EST
It's at the top of rc.sysinit, but it's before the read/write remount of /, so
there could be leftover cruft in /var.

I'll test this, just need to get in front of a machine of recent enough vintage.
Comment 6 Bill Nottingham 2006-01-31 16:31:23 EST
Yeah, you can't remove it because there could be a stale console.lock file when
udev runs.

Note You need to log in before you can comment on or make changes to this bug.