Bug 480652 - crashes on setenforce
crashes on setenforce
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: dbus (Show other bugs)
rawhide
All Linux
low Severity medium
: ---
: ---
Assigned To: David Zeuthen
Fedora Extras Quality Assurance
:
Depends On:
Blocks: F11Alpha/F11AlphaBlocker
  Show dependency treegraph
 
Reported: 2009-01-19 12:47 EST by Jeremy Katz
Modified: 2013-03-05 22:57 EST (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-01-20 20:01:28 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jeremy Katz 2009-01-19 12:47:05 EST
Running 'setenforce 0' seems to crash the system message bus with today's rawhide.

Blocking F11Alpha as we have to do this for live installs to be able to do everything they need to do.
Comment 1 Colin Walters 2009-01-20 11:47:10 EST
I can't reproduce this; are you able to get a stack trace?
Comment 2 Colin Walters 2009-01-20 11:48:11 EST
Also at what stage does this occur?  Is this with the dbus run from the initrd?  Or at a later state?
Comment 3 Jeremy Katz 2009-01-20 12:34:46 EST
Desktop running from the livecd, start a terminal, run 'setenforce 0'.

This was with the livecd of yesterday as I haven't built one yet today.
Comment 4 Jeremy Katz 2009-01-20 13:00:10 EST
Dan -- is this something that you think might have gotten fixed in today's selinux-policy?  As it sort of looks like it could be back to working now.
Comment 5 Colin Walters 2009-01-20 13:21:47 EST
I can't think offhand of a way in which a selinux-policy change could cause dbus to crash.  However - dbus does link in libselinux because it acts as a userspace enforcer, and in fact the libselinux code is run when setenforce is invoked.
Comment 6 Colin Walters 2009-01-20 15:03:15 EST
I can't reproduce this from the rawhide-i686-20090119.0.iso either; should we remove this from the blocker list from now, and if it reappears in a repeatable way, readd to the blocker list?
Comment 7 Jesse Keating 2009-01-20 20:01:28 EST
We could just close it, and re-open if it happens again.
Comment 8 Daniel Walsh 2009-01-21 08:56:52 EST
There were a lot of breakages around handling polkit, so maybe this was causing the problem.
Comment 9 Colin Walters 2009-01-21 09:29:32 EST
We should strive to avoid the system bus crashing, at least up to a certain point.  If the SELinux policy changed to deny dbus from reading /etc or something, I could imagine we crash.  But if it's something less drastic it'd be good to know what it could be.
Comment 10 Daniel Walsh 2009-01-21 14:42:31 EST
It was denied access to /var/lib/misc/PolicyKit.reload 

I believe.

Note You need to log in before you can comment on or make changes to this bug.