Re: SElinux settings different for upgrade vs full-install

Douglas Otis wrote:
When logging in as root on an upgraded system, the desktop would not load
(gconf related errors), and there appeared to be no way to shutdown or
escape beyond hitting the system reset while seeing mostly a blank screen.

There was a difference noticed between a full-install and the upgrade from
Fedora 8. User Mapping for "root" had been "root", whereas the full-install
had this set to "unconfined_u" (which is also the default). Making this
change seems to have fixed the problem noticed when starting a graphical
logon as root.


Logging in graphically as root is discouraged. I am not sure if there is a question here.
Upgrades are often screwy. I don't generally do upgrades so I can't help you much here.

After making this change, the system Default Policy Type also changed to
"targeted". Being new to SElinux, it is hard to know the risk this may

Default policy is targeted, this is normal.

represent, if any. Does anyone know? Should the policy exceptions be used
to modify SElinux instead?

I am not sure what you mean by this question. The policy defines what is allowed. If its not allowed in policy then its denied.

This should help answer some of your questions. Flip back to the first entry. Be patient and read all of it. I need to reread it all myself.

http://danwalsh.livejournal.com/

This is just one source of information. If you want more let me know.

So much information so little time.

-Max

--
Fortune favors the BOLD

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Relevant Pages

  • Re: Access to Network and Dial-Up Connections blocked
    ... We don't know that the driver upgrades are necessarily the ... if a NoPropertiesMyComputer policy exists: ... I re-enabled Remove Network Connection from ... If this is a permissions issue check and make sure that you have ...
    (microsoft.public.win2000.general)
  • Re: FC7 user dead
    ... I'd go to a virtual console, login as root, and kill ... hope not to have same problems during next upgrades (one is on his ... In any case I am running Nvidia card but with standard driver (I had ... Antonio Montagnani ...
    (Fedora)
  • Re: OT: Wheeeeee! New PSpice Benchmarks
    ... > At work they paid for the upgrades etc. Personally I could see paying any ... AIUI, this means that they must be in root, but as a user I ... explicitly mount the drive and then by magic the stick showed up in my ... > If you house is wrecked by the water damage, hire a company to knock it ...
    (sci.electronics.cad)
  • Re: OT: Wheeeeee! New PSpice Benchmarks
    ... > At work they paid for the upgrades etc. Personally I could see paying any ... AIUI, this means that they must be in root, but as a user I ... explicitly mount the drive and then by magic the stick showed up in my ... > If you house is wrecked by the water damage, hire a company to knock it ...
    (sci.electronics.design)
  • Re: Kernel upgrade on 10.3
    ... One of the upgrades was the kernel (though I'm not sure that has ... root password to continue or CONTROL D to reboot. ... installation) and I'm kicked back to KDM login. ...
    (alt.os.linux.suse)
Loading