Bug 832806 - SElinux-policy update (FC17) - prevents KDM login (have to disable selinux to login now)
SElinux-policy update (FC17) - prevents KDM login (have to disable selinux to...
Status: CLOSED DUPLICATE of bug 832840
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
17
x86_64 Linux
unspecified Severity urgent
: ---
: ---
Assigned To: Miroslav Grepl
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-06-17 10:23 EDT by Morgan Cox
Modified: 2012-06-18 15:09 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-06-18 04:46:37 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Morgan Cox 2012-06-17 10:23:42 EDT
Description of problem:

After today's updates -

Jun 17 08:18:51 Updated: selinux-policy-3.10.0-130.fc17.noarch
Jun 17 08:18:52 Updated: selinux-policy-devel-3.10.0-130.fc17.noarch
Jun 17 08:18:59 Updated: selinux-policy-targeted-3.10.0-130.fc17.noarch

I can no longer login to KDE with SELinux enabled.

I have to disable it in /etc/selinux/config to login

It won't 'enter' the password with Selinux enabled now
- you can type the username - > press enter and it goes to the password box - however it will not input the password when you press enter... With SELinux disabled - its fine
- it worked previously



Version-Release number of selected component (if applicable):

selinux-policy-3.10.0-130.fc17.noarch
selinux-policy-devel-3.10.0-130.fc17.noarch
selinux-policy-targeted-3.10.0-130.fc17.noarch


How reproducible:

100%

Steps to Reproduce:
1. boot computer with selinux
2. fail to be able to enter the password...
3.
  
Actual results:

Not being able to login to KDE (when selinux is enabled)


Expected results:

Being able to login with selinux enabled


Additional info:
Comment 1 Miroslav Grepl 2012-06-17 17:12:16 EDT
Could you please boot in permissive mode with

enforcing=0 

as kernel parametr and then try to execute

# ausearch -m avc -ts recent

# id -Z
Comment 2 Miroslav Grepl 2012-06-18 04:46:37 EDT

*** This bug has been marked as a duplicate of bug 832840 ***
Comment 3 Morgan Cox 2012-06-18 15:09:49 EDT
As mentioned on the other thread (bug 832840)

# chcon -t xdm_exec_t /usr/bin/kdm

Fixes the issue.

Should be fixed in the next selinux update

Thanks everybody !

Note You need to log in before you can comment on or make changes to this bug.