On Fri, Aug 30, 2019 at 2:57 PM arnaud gaboury <arnaud.gaboury(a)gmail.com>
wrote:
I run one Fedora Atomic 30 desktop and one server. I am lfet with
two
issues on these machines.
1. On server:
---------
gabx@poppy➤➤ ~ % su
zsh: permission denied: su
gabx@poppy➤➤ ~ % sudo -i
[sudo] password for gabx:
root@poppy➤➤ ~ #
-------------------------
Is it the expected behavior? I could run su a few days ago.
Below some info:
----------
# cat /etc/sudoers
root ALL=(ALL) ALL
%wheel ALL=(ALL) ALL
#includedir /etc/sudoers.d
# cat /etc/sudoers.d/gabx
gabx ALL=(ALL) TYPE=sysadm_t ROLE=sysadm_r ALL
# semanage login -l
Login Name SELinux User MLS/MCS Range Service
__default__ unconfined_u s0-s0:c0.c1023 *
gabx sysadm_u s0-s0:c0.c1023 *
root system_u s0-s0:c0.c1023 *
gabx@poppy➤➤ ~ % id -Z
sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023
------------------------------------------------
NOTE:
after I fixed some SELinux warnings, I have now the following:
--------------------------
gabx@poppy➤➤ ~ % su -
zsh: segmentation fault su -
gabx@poppy➤➤ ~ % strace -o /tmp/u su
zsh: segmentation fault (core dumped) strace -o /tmp/u su
gabx@poppy➤➤ ~ % cat /tmp/u
execve("/usr/bin/su", ["su"], 0x7ffcb9fe7360 /* 29 vars */) = -1
EACCES
(Permission denied)
+++ killed by SIGSEGV +++
.................................
2. On Silverblue desktop, I can't start the system anymore with
selinux
enforced. I had to edit kernel command line with selinux=0 to boot, then
edit selinux config to disable.
How can I debug and solve this issue?
Thank you for help.