Your message dated Mon, 19 Jan 2009 10:20:48 +0100
with message-id <[email protected]>
and subject line Re: [DSE-User] wrong context with graphical login
has caused the Debian Bug report #501647,
regarding selinux-policy-default: Window manager type is update_modules_t
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
501647: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501647
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: selinux-policy-default
Version: 2:0.0.20080702-12
Severity: normal
After installing SELinux, relabeling files and rebooting, everything
looks fine ... except a weird type for X window manager:
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 4294 ? Ss 0:00
/usr/sbin/gdm
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 4396 ? S 0:00 \_
/usr/sbin/gdm
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 4600 tty7 SLs+ 0:08
\_ /usr/bin/X :0 -audit 0 -auth /var/lib/gdm/:0.Xauth -nolisten tcp vt7
unconfined_u:system_r:update_modules_t:s0-s0:c0.c1023 4619 ? Ss 0:01 \_
/usr/bin/fluxbox
unconfined_u:system_r:update_modules_t:s0-s0:c0.c1023 4657 ? Ss 0:00
\_ /usr/bin/ssh-agent /usr/bin/startfluxbox
unconfined_u:system_r:update_modules_t:s0-s0:c0.c1023 4831 ? Ss 0:00
\_ xterm
The problem persist after another relabel + reboot.
Any idea why the WM type is update_modules_t ?
Regards,
Pierre
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages selinux-policy-default depends on:
ii libpam-modules 1.0.1-4+b1 Pluggable Authentication Modules f
ii libselinux1 2.0.65-5 SELinux shared libraries
ii libsepol1 2.0.30-2 Security Enhanced Linux policy lib
ii policycoreutils 2.0.49-6 SELinux core policy utilities
ii python 2.5.2-2 An interactive high-level object-o
Versions of packages selinux-policy-default recommends:
ii checkpolicy 2.0.16-2 SELinux policy compiler
ii setools 3.3.5.ds-3 tools for Security Enhanced Linux
Versions of packages selinux-policy-default suggests:
pn logcheck <none> (no description available)
pn syslog-summary <none> (no description available)
-- no debconf information
--- End Message ---
--- Begin Message ---
On Sun, Jan 18, 2009 at 10:04:12PM +0000, Martin Orr wrote:
> On 14/01/09 19:47, Pierre Chifflier wrote:
> > On Mon, Jan 12, 2009 at 05:51:58PM +0000, Martin Orr wrote:
> >> If not, then do you have the xserver module loaded? (Check semodule -l)
> >
> > xserver is indeed not loaded. selinux-policy-default is correcty
> > installed, and file is present at /usr/share/selinux/default/xserver.pp
> >
> > I'll try to load it manually and see if it resolves the problem.
> >
> > If this is the source of the problem, why isn't this module loaded ?
>
> I've no idea - it should be loaded whenever you installed
> selinux-policy-default. (Unless you installed selinux-policy-default before
> gdm/xserver-xorg.)
>
Hi,
I confirm that loading module xserver and rebooting (restarting gdm
should be enough, though) solves the problem, so I'm closing this bug.
It would be a good idea to ensure that modules are properly loaded when
installing X after selinux, since I think it's a very common case ..
Thanks for your help !
Cheers,
Pierre
--- End Message ---
