Bug 510457 - DBus error messages with pam_oddjob_mkhomedir.so and disabled SELinux
DBus error messages with pam_oddjob_mkhomedir.so and disabled SELinux
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: oddjob (Show other bugs)
5.3
All Linux
medium Severity medium
: rc
: ---
Assigned To: Nalin Dahyabhai
Ondrej Moriš
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-07-09 07:14 EDT by Tomas Smetana
Modified: 2013-04-12 16:19 EDT (History)
3 users (show)

See Also:
Fixed In Version: oddjob-0.27-11.el5
Doc Type: Bug Fix
Doc Text:
Previously, the oddjob_request and pam_oddjob_mkhomedir.so clients would print an error message, when running on systems on which SELinux had been disabled. This was because these clients could not determine the SELinux context of the running oddjobd daemon. With this update, the clients do not attempt to do so anymore and the issue is resolved.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-09-01 08:32:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Proposed patch (1.81 KB, patch)
2009-07-09 07:14 EDT, Tomas Smetana
no flags Details | Diff

  None (edit)
Description Tomas Smetana 2009-07-09 07:14:00 EDT
Description of problem:
When using pam_oddjob_mkhomedir.so on a system with SELinux disabled, the following errors appear when using "su":

Error org.freedesktop.DBus.Error.SELinuxSecurityContextUnknown: Could not determine security context for ':1.586'

Otherwise everything works OK.

Version-Release number of selected component (if applicable):
oddjob-0.27-9.el5

How reproducible:
always

Steps to Reproduce:
1. Disable SELinux
2. Add to /etc/pam.d/system-auth:
session required pam_oddjob_mkhomedir.so
3. Restart the messagebus and oddjobd services
4. su - some_user, where some_user's home doesn't exist yet
  
Actual results:
Error org.freedesktop.DBus.Error.SELinuxSecurityContextUnknown: Could not determine security context for ':1.1'.
Creating home directory for some_user

Expected results:
Creating home directory for some_user

Additional info:
I think oddjob shouldn't ask for SELinux context on a system where SELinux is disabled.
Comment 1 Tomas Smetana 2009-07-09 07:14:39 EDT
Created attachment 351039 [details]
Proposed patch
Comment 3 RHEL Product and Program Management 2009-11-06 14:15:44 EST
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".
Comment 10 errata-xmlrpc 2010-09-01 08:32:08 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2010-0668.html
Comment 11 Florian Nadge 2010-10-18 13:18:41 EDT
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Previously, the oddjob_request and pam_oddjob_mkhomedir.so clients would print an error message, when running on systems on which SELinux had been disabled. This was because these clients could not determine the SELinux context of the running oddjobd daemon. With this update, the clients do not attempt to do so anymore and the issue is resolved.

Note You need to log in before you can comment on or make changes to this bug.