selinux -- or is it
Daniel J Walsh
dwalsh at redhat.com
Wed May 7 10:14:45 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
g wrote:
> installed fedora 8, finally, but not with out a few problems and reinstalls.
> next to last install was a clean boot straight up to command line login.
>
> first 3 login attempts were as user, then 3 failures as root. 3 finger salute,
> rebooted to m2k8 to view f8 logs, which showed error to be pam_unix related.
>
> posted problem, went off list to try a few tricks, concluded had to be
> pam_unix and decided that fresh install would be thing to do. clear partition,
> reinstalled again.
>
> this time, i disabled selinux so that i could check to see if there might be
> other problems. there were not as i was able to login as root.
>
> started kde, made changes to desktop, exited kde, rebooted. logged back in
> made a few changes to networking and a couple others. nothing related to
> selinux, firewall or anything security related were changed.
>
> rebooted and back into kde, i enabled selinux at enforcing, rebooted. this
> time around, tried to login, but was kicked back out. 3 finger again.
>
> on next boot, i went in init 1, checked logs again and found pam_unix was
> back to kicking me out.
>
> not to be out done, this time i thought about what was happening i vi'ed a
> config file, 'reboot'.
>
> back at login, root was accepted, kde, then 'system | selinux management'.
> all looked good, not wanting to change anything yet, i left it as it was and
> closed selinux management.
>
> back at desktop, right click for short menu to log out of kde. nothing. left
> click. nothing. 3 finger back to cl, reboot, back up level 3. login ok, kde
> ok.
>
> other than reading about selinux in 'linux format' mag, i have yet to read any
> more about, but i will be.
>
> so, what i would like to know, why is 'enforcing' keeping me from logging in?
>
> in replying, please trim out non relative text. i thank you and so will others.
>
> i look forward to replies to find if this is a bug or a miss config.
>
> i thank you in advance for your time.
>
> later.
>
>
>
Not sure why. Could you look for avc messages in
/var/log/audit/audit.log or /var/log/messages
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkghgRQACgkQrlYvE4MpobPCoACgspKEcUgCHw27j6L5R1dH1dVa
KYEAniiiUdfItQJZ9Es4caqt9+hWmYrl
=Xl2g
-----END PGP SIGNATURE-----
More information about the fedora-list
mailing list