Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-hardened

From: Chris PeBenito <pebenito@g.o>
To: Ed Wildgoose <lists@××××××××××.com>
Cc: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] Can't log into my selinux system
Date: Wed, 28 Apr 2004 14:41:38
Message-Id: 1083163292.345.9.camel@gorn.pebenito.net
In Reply to: [gentoo-hardened] Can't log into my selinux system by Ed Wildgoose
1 On Wed, 2004-04-28 at 07:58, Ed Wildgoose wrote:
2 > Oh dear. I can't log into my new selinux system. Keeps saying it can't
3 > find a context for root, and would I like to enter a security
4 > context.... Obviously I saw the note about this situation in the FAQ,
5 > and have reloaded the entire policy and relabeled the entire fs a few
6 > times. Any pointers on what is happening here please? (It's not in
7 > enforcing mode, so why is this happening at all?)
8
9 This happens because regardless of permissive/enforcing, the security
10 functions that tell login what a user's login contexts are, always work
11 the same. If login isn't in the right context, then it won't return any
12 contexts. I wrote sestatus for these situations; run sestatus -v, and
13 the contexts should look like this:
14
15 Process contexts:
16 Current context: pebenito:sysadm_r:sysadm_t
17 Init context: system_u:system_r:init_t
18 /sbin/mingetty system_u:system_r:getty_t
19 /sbin/agetty system_u:system_r:getty_t
20 /usr/sbin/sshd system_u:system_r:sshd_t
21
22 File contexts:
23 Controlling term: pebenito:object_r:sysadm_devpts_t
24 /etc/passwd system_u:object_r:etc_t
25 /etc/shadow system_u:object_r:shadow_t
26 /bin/bash system_u:object_r:shell_exec_t
27 /bin/login system_u:object_r:login_exec_t
28 /bin/sh system_u:object_r:bin_t -> system_u:object_r:shell_exec_t
29 /sbin/agetty system_u:object_r:getty_exec_t
30 /sbin/init system_u:object_r:init_exec_t
31 /sbin/mingetty system_u:object_r:getty_exec_t
32 /usr/sbin/sshd system_u:object_r:sshd_exec_t
33 /lib/libc.so.6 system_u:object_r:lib_t -> system_u:object_r:shlib_t
34 /lib/ld.so.1 system_u:object_r:lib_t -> system_u:object_r:ld_so_t
35
36
37 --
38 Chris PeBenito
39 <pebenito@g.o>
40 Developer,
41 Hardened Gentoo Linux
42 Embedded Gentoo Linux
43
44 Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243
45 Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D E6AF 9243

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-hardened] Can't log into my selinux system Ed Wildgoose <lists@××××××××××.com>
Report Message
Find on MARC Find on Google Groups