On Fri, Aug 30, 2019 at 2:57 PM arnaud gaboury <arnaud.gaboury@gmail.com> wrote:

I run one Fedora Atomic 30 desktop and one server. I am lfet with two issues on these machines.

1. On server:

---------
gabx@poppy➤➤ ~ % su
zsh: permission denied: su
gabx@poppy➤➤ ~ % sudo -i
[sudo] password for gabx:
root@poppy➤➤ ~ #
-------------------------
Is it the expected behavior? I could run su a few days ago.
Below some info:
----------
# cat /etc/sudoers
root ALL=(ALL) ALL
%wheel ALL=(ALL) ALL
#includedir /etc/sudoers.d

# cat /etc/sudoers.d/gabx
gabx ALL=(ALL) TYPE=sysadm_t ROLE=sysadm_r ALL
# semanage login -l

Login Name SELinux User MLS/MCS Range Service

__default__ unconfined_u s0-s0:c0.c1023 *
gabx sysadm_u s0-s0:c0.c1023 *
root system_u s0-s0:c0.c1023 *

gabx@poppy➤➤ ~ % id -Z
sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023
------------------------------------------------

NOTE:

after I fixed some SELinux warnings, I have now the following:

--------------------------

gabx@poppy➤➤ ~ % su -
zsh: segmentation fault su -
gabx@poppy➤➤ ~ % strace -o /tmp/u su
zsh: segmentation fault (core dumped) strace -o /tmp/u su
gabx@poppy➤➤ ~ % cat /tmp/u
execve("/usr/bin/su", ["su"], 0x7ffcb9fe7360 /* 29 vars */) = -1 EACCES (Permission denied)
+++ killed by SIGSEGV +++

.................................

2. On Silverblue desktop, I can't start the system anymore with selinux enforced. I had to edit kernel command line with selinux=0 to boot, then edit selinux config to disable.
How can I debug and solve this issue?

Thank you for help.