On one of my systems, if Selinux is targeted I cannot access to graphical session, as password would be wrong (all users and root) As soon as Selinux=0 at boot time system works fine.System is fully updated I cannot find a related bug in bugzilla... Tnx
On Sat, 2010-11-27 at 15:47 +0100, Antonio M wrote:
On one of my systems, if Selinux is targeted I cannot access to graphical session, as password would be wrong (all users and root) As soon as Selinux=0 at boot time system works fine.System is fully updated I cannot find a related bug in bugzilla... Tnx
Did you try relabeling the whole system? May be required if you've run with selinux off (permissive is better if you want to temporarily disable selinux):
touch /.autorelabel; reboot
-Chris
Chris Tyler ha scritto / said the following il giorno/on 27/11/2010 15:58:
On Sat, 2010-11-27 at 15:47 +0100, Antonio M wrote:
On one of my systems, if Selinux is targeted I cannot access to graphical session, as password would be wrong (all users and root) As soon as Selinux=0 at boot time system works fine.System is fully updated I cannot find a related bug in bugzilla... Tnx
Did you try relabeling the whole system? May be required if you've run with selinux off (permissive is better if you want to temporarily disable selinux):
touch /.autorelabel; reboot
-Chris
I used the graphical management tool to relabel it, that should do what you suggest (and I rebooted): now I will see what happens in Permissive mode. Any way to see a log of Selinux on my system???
Tnx
Antonio
antonio ha scritto / said the following il giorno/on 27/11/2010 16:08:
Chris Tyler ha scritto / said the following il giorno/on 27/11/2010 15:58:
On Sat, 2010-11-27 at 15:47 +0100, Antonio M wrote:
On one of my systems, if Selinux is targeted I cannot access to graphical session, as password would be wrong (all users and root) As soon as Selinux=0 at boot time system works fine.System is fully updated I cannot find a related bug in bugzilla... Tnx
Did you try relabeling the whole system? May be required if you've run with selinux off (permissive is better if you want to temporarily disable selinux):
touch /.autorelabel; reboot
-Chris
I used the graphical management tool to relabel it, that should do what you suggest (and I rebooted): now I will see what happens in Permissive mode. Any way to see a log of Selinux on my system???
Tnx
Antonio
I rebooted in permissive mode and of course I can login: but I have a long list of Selinux ACV that I cannot decode :-(
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 11/27/2010 10:37 AM, antonio montagnani wrote:
antonio ha scritto / said the following il giorno/on 27/11/2010 16:08:
Chris Tyler ha scritto / said the following il giorno/on 27/11/2010 15:58:
On Sat, 2010-11-27 at 15:47 +0100, Antonio M wrote:
On one of my systems, if Selinux is targeted I cannot access to graphical session, as password would be wrong (all users and root) As soon as Selinux=0 at boot time system works fine.System is fully updated I cannot find a related bug in bugzilla... Tnx
Did you try relabeling the whole system? May be required if you've run with selinux off (permissive is better if you want to temporarily disable selinux):
touch /.autorelabel; reboot
-Chris
I used the graphical management tool to relabel it, that should do what you suggest (and I rebooted): now I will see what happens in Permissive mode. Any way to see a log of Selinux on my system???
Tnx
Antonio
I rebooted in permissive mode and of course I can login: but I have a long list of Selinux ACV that I cannot decode :-(
Please send them to me, and I will look at them. Or run them through audit2allow
ausearch -m avc -ts recent | audit2allow
Should give me an idea of what you are seeing.
-
Antonio M -
antonio montagnani -
Chris Tyler -
Daniel J Walsh