Uploaded image for project: 'Funtoo Linux'
  1. Funtoo Linux
  2. FL-7578

SELinux - command prompt instead of xdm on debian-sources-5.7.10

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Normal Normal
    • None
    • None
    • None
    • Hide
      I SUSPECT one of those:
      allow xserver_t initrc_t:dbus send_msg;
      allow xdm_t initrc_t:dbus send_msg;
      allow initrc_t xdm_t:dbus send_msg;
      allow initrc_t xserver_t:dbus send_msg;
      Show
      I SUSPECT one of those: allow xserver_t initrc_t:dbus send_msg; allow xdm_t initrc_t:dbus send_msg; allow initrc_t xdm_t:dbus send_msg; allow initrc_t xserver_t:dbus send_msg;

      ENV
      1. tested with =debian-sources-lts-4.19.132_p1 and =debian-sources-5.7.10_p1. This bug occurs only in 5.7 - when I boot 4.19 there is no bug

      2.

      $ sestatus 
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             strict
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              disabled
Policy deny_unknown status:     denied
Memory protection checking:     actual (secure)
Max kernel policy version:      32

      3.

      $ emerge -pv @selinux-rebuild 

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild   R    ] sec-policy/selinux-base-2.20190201-r1::security-kit  USE="open_perms peer_perms ubac -doc (-systemd) -unconfined" 0 KiB
[ebuild   R    ] sec-policy/selinux-base-policy-2.20190201-r1::security-kit  USE="(-systemd) -unconfined" 0 KiB
[ebuild   R    ] sec-policy/selinux-xserver-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-dbus-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-lpd-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-virt-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-dirmngr-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-mandb-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-resolvconf-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-samba-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-tor-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-avahi-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-gpm-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-shutdown-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-brctl-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-java-2.20190201-r1::security-kit  USE="alsa" 0 KiB
[ebuild   R    ] sec-policy/selinux-sasl-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-ldap-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-openrc-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-screen-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-chronyd-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-snmp-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-pulseaudio-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-bluetooth-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-irc-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-kerberos-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-policykit-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-chromium-2.20190201-r1::security-kit  USE="alsa" 0 KiB
[ebuild   R    ] sec-policy/selinux-cups-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-devicekit-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-qemu-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-mozilla-2.20190201-r1::security-kit  USE="alsa" 0 KiB
[ebuild   R    ] sec-policy/selinux-gpg-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-xscreensaver-2.20190201-r1::security-kit  0 KiB
[ebuild   R    ] sec-policy/selinux-accountsd-2.20190201-r1::security-kit  0 KiB

      DESCRIPTION
      1. After booting I see command prompt instead of xdm when booting with debian-sources-5.7.10
      2. After

      # setenforce 0 && /etc/init.d/xdm restart

      XDM is frozen (can't type or move mouse cursor) - it unfreezes after I unplug or plug either keyboard or mouse

      audit.log
      to be investigated and pasted ...

            Unassigned Unassigned
            mrl5 mrl5
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: