Greeetings, I just tried the following:
yum install kernel-devel.x86_64
and got
Installing: kernel-devel ######################### [1/1] error: %post(kernel-devel-2.6.19-1.2911.fc6.x86_64) scriptlet failed, exit status 255
the failure seems to be related to the following in the audit log:
type=AVC msg=audit(1172166288.763:92): avc: denied { transition } for pid=7023 comm="yum" name="bash" dev=dm-1 ino=409636 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:rpm_script_t:s0-s0:c0.c1023 tclass=process type=SYSCALL msg=audit(1172166288.763:92): arch=c000003e syscall=59 success=no exit=-13 a0=3b5afef a1=7fff58604730 a2=4112960 a3=5f74c70 items=0 ppid=6779 pid=7023 auid=503 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 comm="yum" exe="/usr/bin/python" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null) type=AVC_PATH msg=audit(1172166288.763:92): path="/bin/bash"
which I understand being a failure to exec() bash, correct ?
Apparently, yum is running as system_u:system_r:xdm_t, which I find somewhat surprising, but still.
Thank you for your consideration, Davide Bolcioni
Davide Bolcioni wrote:
Greeetings, I just tried the following:
yum install kernel-devel.x86_64
and got
Installing: kernel-devel ######################### [1/1] error: %post(kernel-devel-2.6.19-1.2911.fc6.x86_64) scriptlet failed, exit status 255
the failure seems to be related to the following in the audit log:
type=AVC msg=audit(1172166288.763:92): avc: denied { transition } for pid=7023 comm="yum" name="bash" dev=dm-1 ino=409636 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:rpm_script_t:s0-s0:c0.c1023 tclass=process type=SYSCALL msg=audit(1172166288.763:92): arch=c000003e syscall=59 success=no exit=-13 a0=3b5afef a1=7fff58604730 a2=4112960 a3=5f74c70 items=0 ppid=6779 pid=7023 auid=503 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 comm="yum" exe="/usr/bin/python" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null) type=AVC_PATH msg=audit(1172166288.763:92): path="/bin/bash"
which I understand being a failure to exec() bash, correct ?
Apparently, yum is running as system_u:system_r:xdm_t, which I find somewhat surprising, but still.
Thank you for your consideration, Davide Bolcioni
There is a problem in the latest version of pam_selinux that is causing this problem.
You can either revert to the previous version of pam or wait for the next update.
On Thu, 2007-02-22 at 13:56 -0500, Daniel J Walsh wrote:
Davide Bolcioni wrote:
Greeetings, I just tried the following:
yum install kernel-devel.x86_64
and got
Installing: kernel-devel ######################### [1/1] error: %post(kernel-devel-2.6.19-1.2911.fc6.x86_64) scriptlet failed, exit status 255
the failure seems to be related to the following in the audit log:
type=AVC msg=audit(1172166288.763:92): avc: denied { transition } for pid=7023 comm="yum" name="bash" dev=dm-1 ino=409636 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:rpm_script_t:s0-s0:c0.c1023 tclass=process type=SYSCALL msg=audit(1172166288.763:92): arch=c000003e syscall=59 success=no exit=-13 a0=3b5afef a1=7fff58604730 a2=4112960 a3=5f74c70 items=0 ppid=6779 pid=7023 auid=503 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 comm="yum" exe="/usr/bin/python" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null) type=AVC_PATH msg=audit(1172166288.763:92): path="/bin/bash"
which I understand being a failure to exec() bash, correct ?
Apparently, yum is running as system_u:system_r:xdm_t, which I find somewhat surprising, but still.
Thank you for your consideration, Davide Bolcioni
There is a problem in the latest version of pam_selinux that is causing this problem.
You can either revert to the previous version of pam or wait for the next update.
gdm at least doesn't use pam_selinux AFAICS, so it wouldn't be affected by the pam_selinux bug.
If you log out and log back in, is your session still running in xdm_t? That is definitely wrong.
selinux@lists.fedoraproject.org