selinux-policy-targeted-1.17.30-2.90 troubles. (FC3)
Daniel J Walsh
dwalsh at redhat.com
Thu Mar 31 03:22:10 UTC 2005
Omri Schwarz wrote:
>A machine installed as FC3 got its update from up2date yesterday
>and now will no longer allow logins on the console, nor the X console,
>and will no longer allow the sudoers to sudo.
>
>Touching /.autorelabel and rebooting has not fixed the problem.
>
>The sudo problem only leaves this message to the console:
>
>root:system_r:unconfined_t is not a valid context
>
>And this in the logs:
>
>Mar 29 18:19:55 HOST sudo: omri : TTY=pts/0 ; PWD=/nfs/newline/h1/omri ;
>USER=root ; COMMAND=/bin/su root
>
>The attempt to log to the X console leaves this in the logs:
>
>Mar 29 18:36:22 HOST gdm-binary[5538]: pam_krb5[5538]: authentication succeeds
>for 'omri' (omri at KRB5REALM)
>Mar 29 18:36:22 HOST gdm(pam_unix)[5538]: session opened for user omri by
>(uid=0)
>Mar 29 18:36:22 HOST gdm[5135]: gdm_cleanup_children: child 5538 crashed of
>signal 6
>Mar 29 18:36:22 HOST gdm[5135]: gdm_cleanup_children: Slave crashed, killing
>its children
>
>Logging in as root leaves what might be slightly more useful:
>
>Mar 29 18:43:56 HOST gdm(pam_unix)[6206]: session opened for user root by
>(uid=0)
>Mar 29 18:43:56 HOST dbus-daemon-1: avc: could not determine enforcing mode
>
>Meanwhile, I can SSH in and su to root without a problem.
>
>I am very much an SELinux newbie, and was hoping to learn about this system by
>installing the targeted policy and seeing it in action, but here I am
>mystified.
>None of the messages are enough for me to figure out what needs chcon'ing.
>
>So I would be much obliged for any help you could offer.
>
>
>
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
I am not sure this is an SELinux problem. Did you try to boot with
enforcing=0 on the command line?
Dan
--
More information about the fedora-selinux-list
mailing list