[redhat-lspp] LSPP kickstart config v0.8 released

Klaus Weidner klaus at atsec.com
Tue Oct 17 04:46:26 UTC 2006


On Sun, Oct 15, 2006 at 05:51:51PM -0500, George Wilson wrote:
> I'm running the Beta Server 20061006.2 + updates.img + lspp.52 with MLS in
> enforcing mode on ppc64.  I installed with netboot using the kickstart
> incarnation available last week.  There was a problem with the relabel
> before reboot, which looks like a base policy problem.  I had to boot with
> enforcing=0 initially to avoid init panicking the system.  Once the
> filesystem was relabeled, I rebooted in enforcing without problems.  I can
> even log in, both console and ssh, in enforcing mode.

I've now tried using your configuration on i686, adding the lspp.42
kernel in the ks postinstall phase, and booting the first time in
nonenforcing mode.

The problem seems to be a segfault in or around the pam_loginuid.so
module:

[pid  1856] open("/proc/self/loginuid", O_WRONLY|O_TRUNC|O_LARGEFILE|O_NOFOLLOW) = 6
[pid  1856] write(6, "500", 3)          = 3
[pid  1856] close(6)                    = 0
[pid  1856] socket(PF_NETLINK, SOCK_RAW, 9) = 6
[pid  1856] fcntl64(6, F_SETFD, FD_CLOEXEC) = 0
[pid  1856] sendto(6, "\20\0\0\0\350\3\5\0\1\0\0\0\0\0\0\0", 16, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 16
[pid  1856] poll([{fd=6, events=POLLIN, revents=POLLIN}], 1, 100) = 1
[pid  1856] recvfrom(6, "0\0\0\0\350\3\0\0\1\0\0\0@\7\0\0\2639a\300\1\0\0\0\1\0"..., 8988, MSG_PEEK|MSG_DONTWAIT, {sa_family=AF_NETLINK, pid=0, groups=00000000}, [12]) = 48
[pid  1856] select(7, [6], NULL, NULL, {0, 100000}) = 1 (in [6], left {0, 100000})
[pid  1856] recvfrom(6, "0\0\0\0\350\3\0\0\1\0\0\0@\7\0\0\2639a\300\1\0\0\0\1\0"..., 8988, MSG_DONTWAIT, {sa_family=AF_NETLINK, pid=0, groups=00000000}, [12]) = 48
[pid  1856] close(6)                    = 0
[pid  1856] --- SIGSEGV (Segmentation fault) @ 0 (0) ---
Process 1856 detached
[pid  1853] <... read resumed> 0xbff4f464, 4) = ? ERESTARTSYS (To be restarted)
[pid  1853] --- SIGCHLD (Child exited) @ 0 (0) ---

Disabling the "session    required     pam_loginuid.so require_auditd"
line in /etc/pam.d/sshd makes ssh work for me.

Auditd is running, and seems to be working.

Has anyone else seen this?

-Klaus
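
Added example, not part of the original post: the two netlink buffers in the strace output above can be decoded offline. This sketch un-escapes the strace strings and unpacks them as a little-endian (i686) `struct nlmsghdr` followed by `struct audit_status`, using the layouts from linux/netlink.h and linux/audit.h; the function and constant names are chosen for this example.

```python
import re
import struct

# Escaped buffers copied from the strace lines above (sendto, then recvfrom).
REQUEST = r"\20\0\0\0\350\3\5\0\1\0\0\0\0\0\0\0"
REPLY = r"0\0\0\0\350\3\0\0\1\0\0\0@\7\0\0\2639a\300\1\0\0\0\1\0"  # cut short by strace

AUDIT_GET = 1000  # message type from linux/audit.h
NLM_FLAGS = {0x1: "NLM_F_REQUEST", 0x2: "NLM_F_MULTI", 0x4: "NLM_F_ACK"}
# Field order of struct audit_status, each a 32-bit unsigned integer.
STATUS_FIELDS = ("mask", "enabled", "failure", "pid",
                 "rate_limit", "backlog_limit", "lost", "backlog")
SIMPLE = {"n": 10, "t": 9, "r": 13, "f": 12, "v": 11}


def unescape(s):
    """Turn strace's C-style escaped string back into raw bytes."""
    out = bytearray()
    for m in re.finditer(r"\\([0-7]{1,3})|\\(.)|(.)", s, re.S):
        octal, esc, lit = m.groups()
        if octal:
            out.append(int(octal, 8))
        elif esc:
            out.append(SIMPLE.get(esc, ord(esc)))
        else:
            out.append(ord(lit))
    return bytes(out)


def decode(escaped):
    """Decode the 16-byte nlmsghdr and any complete audit_status fields."""
    raw = unescape(escaped)
    length, mtype, flags, seq, pid = struct.unpack_from("<IHHII", raw)
    msg = {"len": length, "type": mtype, "seq": seq, "pid": pid,
           "flags": [name for bit, name in NLM_FLAGS.items() if flags & bit],
           "captured": len(raw)}
    payload = raw[16:]
    if mtype == AUDIT_GET and payload:
        whole = len(payload) // 4  # ignore a trailing partial field
        values = struct.unpack_from("<%dI" % whole, payload)
        msg["status"] = dict(zip(STATUS_FIELDS, values))
    return msg


if __name__ == "__main__":
    for name, buf in (("request", REQUEST), ("reply", REPLY)):
        print(name, decode(buf))
```

The request decodes as a 16-byte AUDIT_GET with NLM_F_REQUEST|NLM_F_ACK, and the reply as a 48-byte AUDIT_GET addressed to pid 1856 with enabled=1. strace printed only 26 of the 48 reply bytes, so the `pid` field of `audit_status` is not visible in this trace.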
