Red Hat Bugzilla – Bug 480652
crashes on setenforce
Last modified: 2013-03-05 22:57:33 EST
Running 'setenforce 0' seems to crash the system message bus with today's rawhide. Blocking F11Alpha as we have to do this for live installs to be able to do everything they need to do.
I can't reproduce this; are you able to get a stack trace?
Also at what stage does this occur? Is this with the dbus run from the initrd? Or at a later state?
Desktop running from the livecd, start a terminal, run 'setenforce 0'. This was with the livecd of yesterday as I haven't built one yet today.
Dan -- is this something that you think might have gotten fixed in today's selinux-policy? As it sort of looks like it could be back to working now.
I can't think offhand of a way in which a selinux-policy change could cause dbus to crash. However - dbus does link in libselinux because it acts as a userspace enforcer, and in fact the libselinux code is run when setenforce is invoked.
I can't reproduce this from the rawhide-i686-20090119.0.iso either; should we remove this from the blocker list from now, and if it reappears in a repeatable way, readd to the blocker list?
We could just close it, and re-open if it happens again.
There were a lot of breakages around handling polkit, so maybe this was causing the problem.
We should strive to avoid the system bus crashing, at least up to a certain point. If the SELinux policy changed to deny dbus from reading /etc or something, I could imagine we crash. But if it's something less drastic it'd be good to know what it could be.
It was denied access to /var/lib/misc/PolicyKit.reload I believe.