Bug 493208 - Unable to login through GDM
Unable to login through GDM
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
All Linux
medium Severity urgent
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2009-03-31 18:23 EDT by Ben Gamari
Modified: 2009-05-02 18:11 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-05-01 14:29:33 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ben Gamari 2009-03-31 18:23:04 EDT
Ever since yesterday's big Rawhide update, I've been unable to login to my
account through gdm. After entering my user name and password, the PAM
conversation continues with gdm asking me, "Would you like to enter a
security context?" On entering "N" the login fails and the gdm greeter
denies login with "Unable to open session" while pausing for some time,
often requiring Ctrl-Alt-Backspace to reclaim control of the computer.

After entering "N", the following messages appear in /var/log/secure,

> Mar 31 17:50:13 mercury pam: gdm[5157]: pam_selinux(gdm:session): Unable to get valid context for ben
> Mar 31 17:50:13 mercury pam: gdm[5157]: pam_unix(gdm:session): session opened for user ben by (uid=0)

After entering my password, the following message appears in

> type=LOGIN msg=audit(1238536335.839:224): login pid=5330 uid=0 old auid=500 new auid=500 old ses=1 new ses=15

Followed by the following messages after entering "N" to entering a

> type=USER_START msg=audit(1238536339.236:225): user pid=5330 uid=0 auid=500 ses=15 subj=unconfined_u:unconfined_r:unconfined_ t:s0-s0:c0.c1023 msg='op=PAM:session_open acct="ben" exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=failed)'
> type=USER_LOGIN msg=audit(1238536339.236:226): user pid=5330 uid=0 auid=500 ses=15 subj=unconfined_u:unconfined_r:unconfined_ t:s0-s0:c0.c1023 msg='uid=500: exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=/dev/tty7 res=failed)'
> type=CRED_DISP msg=audit(1238536339.237:227): user pid=5330 uid=0 auid=500 ses=15 subj=unconfined_u:unconfined_r:unconfined_t :s0-s0:c0.c1023 msg='op=PAM:setcred acct="ben" exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
Comment 1 Daniel Walsh 2009-04-01 14:49:59 EDT
Ben what context is gdm running as?

ps -eZ | grep gdm

If you kill gdm and restart it does it run as xdm_t?  Does it work then?
Comment 2 Daniel Walsh 2009-05-01 14:29:33 EDT
I take it this is fixed,   Lots of releases since this bug
Comment 3 Ben Gamari 2009-05-02 18:11:13 EDT
That's right, things are fine now. Thanks for your work!

Note You need to log in before you can comment on or make changes to this bug.