login shell running as rpm_script_t?

Tom London selinux at gmail.com
Wed Dec 14 22:29:45 UTC 2005 

On 12/14/05, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Tom London wrote:
> > On 12/14/05, Daniel J Walsh <dwalsh at redhat.com> wrote:
> >
> >> Tom London wrote:
> >>
> >>> Running latest rawhide (selinux-policy-targeted-2.1.5-1):
> >>>
> >>> My login shell appears to be running as rpm_script_t.
> >>>
> >>> Did I do something funny?
> >>>    tom
> >>>
> >>> [tbl at tlondon ~]$ ps Z
> >>> LABEL                             PID TTY      STAT   TIME COMMAND
> >>> user_u:system_r:rpm_script_t:s0  3193 pts/1    Ss     0:00 bash
> >>> user_u:system_r:rpm_script_t:s0  3195 pts/2    Ss     0:00 bash
> >>> user_u:system_r:rpm_script_t:s0  3922 pts/2    R+     0:00 ps Z
> >>> [tbl at tlondon ~]$
> >>>
> >>> --
> >>> Tom London
> >>>
> >>> --
> >>> fedora-selinux-list mailing list
> >>> fedora-selinux-list at redhat.com
> >>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> >>>
> >>>
> >> What did you login using?  Looks like a bad default_context file.
> >>
> >>
> > Standard graphical login.
> >
> > Ah. I seem to have a default_contexts.rpmnew.  Here are the diffs:
> >
> > --- default_contexts    2005-12-13 14:14:45.000000000 -0800
> > +++ default_contexts.rpmnew     2005-12-08 13:58:07.000000000 -0800
> > @@ -1,9 +1,9 @@
> > -system_r:crond_t:s0            system_r:unconfined_t:s0
> > +system_r:xdm_t:s0              system_r:unconfined_t:s0
> > +system_r:unconfined_t:s0       system_r:unconfined_t:s0
> >  system_r:initrc_t:s0           system_r:unconfined_t:s0
> >  system_r:local_login_t:s0      system_r:unconfined_t:s0
> >  system_r:remote_login_t:s0     system_r:unconfined_t:s0
> >  system_r:rshd_t:s0             system_r:unconfined_t:s0
> > +system_r:crond_t:s0            system_r:unconfined_t:s0
> >  system_r:sshd_t:s0             system_r:unconfined_t:s0
> >  system_r:sysadm_su_t:s0                system_r:unconfined_t:s0
> > -system_r:unconfined_t:s0       system_r:unconfined_t:s0
> > -system_r:xdm_t:s0              system_r:unconfined_t:s0
> >
> > Is order 'important'?
> >
> > tom
> > --
> > Tom London
> >
> No.  Is gdm running as xdm_t?
>
> --
[root at tlondon contexts]# ps agxZ | grep gdm
system_u:system_r:xdm_t:s0-s0:c0.c255 2968 ?   S      0:00
/usr/sbin/gdm-binary -nodaemon
system_u:system_r:xdm_t:s0-s0:c0.c255 3000 ?   S      0:00
/usr/sbin/gdm-binary -nodaemon
system_u:system_r:xdm_t:s0-s0:c0.c255 3005 tty7 Ss+   3:17
/usr/bin/Xorg :0 -audit 0 -auth /var/gdm/:0.Xauth -nolisten tcp vt7
root:system_r:ldconfig_t:s0-s0:c0.c255 5270 pts/1 R+   0:00 grep gdm

ldconfig_t for 'grep'?  (This is running as a 'su -' root).

Something funny.  I'll reboot.

tom

--
Tom London

More information about the fedora-selinux-list mailing list