[DSE-Dev] Bug#757022: selinux-policy-default: Daemon started by the system dbus are not transitioning to their domains

Laurent Bigonville bigon at debian.org
Mon Aug 4 15:12:18 UTC 2014

Package: selinux-policy-default
Version: 2:2.20140421-4
Severity: normal


With systemd as PID1, all the dbus activated daemon are started by it
instead of by the system dbus.

There is no rules that allows the init domain to transition to the
dbus daemon domains.

In the fedora policy they have added:

 init_system_domain($1, $2)

to the dbus_system_domain() interface for this, we should probably have
something similar.


Laurent Bigonville

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_BE.utf8, LC_CTYPE=fr_BE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages selinux-policy-default depends on:
ii  libpam-modules   1.1.8-3
ii  libselinux1      2.3-1
ii  libsepol1        2.3-1
ii  policycoreutils  2.3-1
ii  python           2.7.8-1
ii  selinux-utils    2.3-1

Versions of packages selinux-policy-default recommends:
ii  checkpolicy  2.3-1
ii  setools      3.3.8-3

Versions of packages selinux-policy-default suggests:
pn  logcheck        <none>
pn  syslog-summary  <none>

-- Configuration Files:
/etc/selinux/default/modules/active/file_contexts.local [Errno 13] Permission non accordée: u'/etc/selinux/default/modules/active/file_contexts.local'

-- no debconf information

More information about the SELinux-devel mailing list