All of lore.kernel.org
 help / color / mirror / Atom feed
* [refpolicy] Automatic login context
@ 2010-03-10 21:09 Alan Rouse
  2010-03-10 21:21 ` Daniel J Walsh
  0 siblings, 1 reply; 3+ messages in thread
From: Alan Rouse @ 2010-03-10 21:09 UTC (permalink / raw)
  To: refpolicy

The default install of OpenSUSE includes an automatic login to the unprivileged user created during the install.  Once selinux (current refpolicy via "git")is installed and boots up with automatic login, the user's context is

        system_u:system_r:xdm_t

rather than what is shown in semanage -l login (for example, user_u:user_r:user_t).

However, when you log out and log back in, the context is correct.

If you build the OpenSUSE system without autologin, it enters the correct context when you first boot and log in.





-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20100310/074c0434/attachment.html 

^ permalink raw reply	[flat|nested] 3+ messages in thread
* [refpolicy] Automatic login context
  2010-03-10 21:09 [refpolicy] Automatic login context Alan Rouse
@ 2010-03-10 21:21 ` Daniel J Walsh
  2010-03-10 23:10   ` Justin P. Mattock
  0 siblings, 1 reply; 3+ messages in thread
From: Daniel J Walsh @ 2010-03-10 21:21 UTC (permalink / raw)
  To: refpolicy

On 03/10/2010 04:09 PM, Alan Rouse wrote:
> The default install of OpenSUSE includes an automatic login to the 
> unprivileged user created during the install.  Once selinux (current 
> refpolicy via "git")is installed and boots up with automatic login, 
> the user's context is
>         system_u:system_r:xdm_t
> rather than what is shown in semanage -l login (for example, 
> user_u:user_r:user_t).
> However, when you log out and log back in, the context is correct.
> If you build the OpenSUSE system without autologin, it enters the 
> correct context when you first boot and log in.
>
>
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
>    
You are not going through pam_selinux session.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20100310/34ffc9e2/attachment.html 

^ permalink raw reply	[flat|nested] 3+ messages in thread
* [refpolicy] Automatic login context
  2010-03-10 21:21 ` Daniel J Walsh
@ 2010-03-10 23:10   ` Justin P. Mattock
  0 siblings, 0 replies; 3+ messages in thread
From: Justin P. Mattock @ 2010-03-10 23:10 UTC (permalink / raw)
  To: refpolicy

On Wed, 2010-03-10 at 16:21 -0500, Daniel J Walsh wrote:
> On 03/10/2010 04:09 PM, Alan Rouse wrote: 
> > The default install of OpenSUSE includes an automatic login to the
> > unprivileged user created during the install.  Once selinux (current
> > refpolicy via "git")is installed and boots up with automatic login,
> > the user's context is 
> >  
> >         system_u:system_r:xdm_t
> >  
> > rather than what is shown in semanage -l login (for example,
> > user_u:user_r:user_t).
> >  
> > However, when you log out and log back in, the context is correct. 
> >  
> > If you build the OpenSUSE system without autologin, it enters the
> > correct context when you first boot and log in.
> >  
> >  
> >  
> >  
> >  
> > 
> > _______________________________________________
> > refpolicy mailing list
> > refpolicy at oss.tresys.com
> > http://oss.tresys.com/mailman/listinfo/refpolicy
> >   
> You are not going through pam_selinux session.
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy


I filled a bug report against suse on this:
https://bugzilla.novell.com/show_bug.cgi?id=582366
there I have login,xdm,gdm modified(hopefully correct),
are there other files in there that might be triggering
this autologin thing or do I have pam_selinux.so set wrong?

Justin P. Mattock

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2010-03-10 23:10 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-03-10 21:09 [refpolicy] Automatic login context Alan Rouse
2010-03-10 21:21 ` Daniel J Walsh
2010-03-10 23:10   ` Justin P. Mattock

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.