[DSE-Dev] Bug#683756: selinux in permissive mode breaks gdm and X
Laurent Bigonville
bigon at debian.org
Wed Aug 29 21:06:50 UTC 2012
Le 29 Aug 2012 22:42:19 +0200,
"Andreas Kuckartz" <A.Kuckartz at ping.de> a écrit :
> Mika Pflüger:
> > I just couldn't imagine the label having any influence on the
> > functionality in permissive mode. Well, I still don't really
> > understand, but it works. (-:
>
> I also would really like to understand how the label could break gdm
> in permissive mode.
>
> I do not like unexplained "this can't happen" situations in the
> context of security features or software.
My understanding (according the tiny knowledge I have regarding selinux)
is that pam is trying to set a context, but that for some reason there
is no default context that can be set and pam is asking interactively
in which context it should run and then everything is getting stuck.
My 2¢
Laurent Bigonville
More information about the SELinux-devel
mailing list