From: dwalsh@redhat.com (Daniel J Walsh)
Date: Fri, 16 Sep 2011 11:58:27 -0400
Subject: [refpolicy] pam_selinux(gdm-password:session): Security Context
 justin:staff_r:insmod_t:s0 Assigned
In-Reply-To: <4E7369AF.3000709@yahoo.com>
References: <1316144432.85313.YahooMailNeo@web114304.mail.gq1.yahoo.com>
	<4E736453.8000506@redhat.com> <4E7369AF.3000709@yahoo.com>
Message-ID: <4E737223.1060601@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/16/2011 11:22 AM, Justin P. Mattock wrote:
> On 09/16/2011 07:59 AM, Daniel J Walsh wrote:
>> ps -eZ |grep sshd
> I dont have sshd running, but here is ps auxZ to give you an idea
> of what I am seeing: http://fpaste.org/u6IB/
> 
> if I adjust /etc/pam.d/login and add select_context to
> pam_selinux.so then do init 3 in lilo I am able to have the
> context justin:staff_r:staff_t:s0  the way it should. but as soon
> as I init 5 gdm starts up, and everything goes back to
> name:staff_r:insmod_t:s0
> 
> I think I am either missing a boolean to have the transisiton
> runing properly, and/or pam.d or some config file somewhere needs
> to be adjusted. keep in mind refpolicy has no patches added to
> it(not sure if I need any for systemd), just plain git pull
> etc...
> 
> Justin P. Mattock
Well since you don't have a init_t running, I think your problem
starts there.  Looks like your system is badly mislabeled or something
in init is broken.   I take it this is not a Red Hat Based OS?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk5zciMACgkQrlYvE4MpobOs4wCcD/KSvuhb5GxhPCZcMEDGI1dD
X70AnR2OLyUzsaLlDRmP0jm7ABwzFHBj
=aH02
-----END PGP SIGNATURE-----