login shell running as rpm_script_t?
Tom London
selinux at gmail.com
Wed Dec 14 22:29:45 UTC 2005
On 12/14/05, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Tom London wrote:
> > On 12/14/05, Daniel J Walsh <dwalsh at redhat.com> wrote:
> >
> >> Tom London wrote:
> >>
> >>> Running latest rawhide (selinux-policy-targeted-2.1.5-1):
> >>>
> >>> My login shell appears to be running as rpm_script_t.
> >>>
> >>> Did I do something funny?
> >>> tom
> >>>
> >>> [tbl at tlondon ~]$ ps Z
> >>> LABEL PID TTY STAT TIME COMMAND
> >>> user_u:system_r:rpm_script_t:s0 3193 pts/1 Ss 0:00 bash
> >>> user_u:system_r:rpm_script_t:s0 3195 pts/2 Ss 0:00 bash
> >>> user_u:system_r:rpm_script_t:s0 3922 pts/2 R+ 0:00 ps Z
> >>> [tbl at tlondon ~]$
> >>>
> >>> --
> >>> Tom London
> >>>
> >>> --
> >>> fedora-selinux-list mailing list
> >>> fedora-selinux-list at redhat.com
> >>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> >>>
> >>>
> >> What did you login using? Looks like a bad default_context file.
> >>
> >>
> > Standard graphical login.
> >
> > Ah. I seem to have a default_contexts.rpmnew. Here are the diffs:
> >
> > --- default_contexts 2005-12-13 14:14:45.000000000 -0800
> > +++ default_contexts.rpmnew 2005-12-08 13:58:07.000000000 -0800
> > @@ -1,9 +1,9 @@
> > -system_r:crond_t:s0 system_r:unconfined_t:s0
> > +system_r:xdm_t:s0 system_r:unconfined_t:s0
> > +system_r:unconfined_t:s0 system_r:unconfined_t:s0
> > system_r:initrc_t:s0 system_r:unconfined_t:s0
> > system_r:local_login_t:s0 system_r:unconfined_t:s0
> > system_r:remote_login_t:s0 system_r:unconfined_t:s0
> > system_r:rshd_t:s0 system_r:unconfined_t:s0
> > +system_r:crond_t:s0 system_r:unconfined_t:s0
> > system_r:sshd_t:s0 system_r:unconfined_t:s0
> > system_r:sysadm_su_t:s0 system_r:unconfined_t:s0
> > -system_r:unconfined_t:s0 system_r:unconfined_t:s0
> > -system_r:xdm_t:s0 system_r:unconfined_t:s0
> >
> > Is order 'important'?
> >
> > tom
> > --
> > Tom London
> >
> No. Is gdm running as xdm_t?
>
> --
[root at tlondon contexts]# ps agxZ | grep gdm
system_u:system_r:xdm_t:s0-s0:c0.c255 2968 ? S 0:00
/usr/sbin/gdm-binary -nodaemon
system_u:system_r:xdm_t:s0-s0:c0.c255 3000 ? S 0:00
/usr/sbin/gdm-binary -nodaemon
system_u:system_r:xdm_t:s0-s0:c0.c255 3005 tty7 Ss+ 3:17
/usr/bin/Xorg :0 -audit 0 -auth /var/gdm/:0.Xauth -nolisten tcp vt7
root:system_r:ldconfig_t:s0-s0:c0.c255 5270 pts/1 R+ 0:00 grep gdm
ldconfig_t for 'grep'? (This is running as a 'su -' root).
Something funny. I'll reboot.
tom
--
Tom London
More information about the fedora-selinux-list
mailing list