Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 454776 - livecd-tools-017.1-1.fc9 breaks Xfce spin autologin
Summary: livecd-tools-017.1-1.fc9 breaks Xfce spin autologin
Keywords:
Status: CLOSED CANTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: livecd-tools
Version: 9
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Jeremy Katz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-07-09 21:55 UTC by Kevin Fenzi
Modified: 2008-07-16 20:36 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-07-16 20:36:18 UTC


Attachments (Terms of Use)
full log of fedora-livecd-xfce.ks with livecd-tools-017.1-1.fc9.i386 (deleted)
2008-07-10 15:11 UTC, Christoph Wickert
no flags Details

Description Kevin Fenzi 2008-07-09 21:55:03 UTC
If you use the 017.1-1.fc9 version of livecd-tools on a updated F9 system to
make a Xfce livecd, the image builds fine, but then the user can't login. 

It seems /home/fedora gets a unconfined_t selinux context, and selinux won't let
the user login. 

Backing off to 017-1.fc9, everything works fine as expected. 

Happy to provide more info...

Comment 1 Jeremy Katz 2008-07-09 22:37:34 UTC
Do you have the log of the livecd-creator run handy?  If not, I can probably get
one, but it'll take me a teensy bit to get things set up to do so.

Comment 2 Kevin Fenzi 2008-07-09 22:55:30 UTC
I don't... ;( 
I can do another run here in a bit and save that though. 



Comment 3 Kevin Fenzi 2008-07-10 02:35:32 UTC
I'll attach the entire output, but these jump out: 

Installing: selinux-policy-targeted      #####################
[623/846]libsemanage.dbase_llist_query: could not query record value
SELinux:  Could not load policy file /etc/selinux/targeted/policy/policy.23: 
Invalid argument
/usr/sbin/load_policy:  Can't load policy:  Invalid argument
libsemanage.semanage_reload_policy: load_policy returned error code 2.
libsemanage.semanage_install_active: Could not copy
/etc/selinux/targeted/modules/active/policy.kern to
/etc/selinux/targeted/policy/policy.23. (No such file or directory).
semodule:  Failed!
libsemanage.semanage_link_sandbox: Could not access sandbox base file
/etc/selinux/targeted/modules/tmp/base.pp. (No such file or directory).
/usr/sbin/semanage: Could not add SELinux user guest_u
libsemanage.semanage_link_sandbox: Could not access sandbox base file
/etc/selinux/targeted/modules/tmp/base.pp. (No such file or directory).
/usr/sbin/semanage: Could not add SELinux user xguest_u
 

Comment 4 Kevin Fenzi 2008-07-10 02:37:39 UTC
Oops. Thats the output from the livecd-tools-017-1.fc9 case. 

Let me update to the 017.1-1.fc9 and re-run. 

Comment 5 Kevin Fenzi 2008-07-10 15:06:32 UTC
The output from the 017.1-1 run is 25MB... 
Do you still want me to attach it?


Comment 6 Christoph Wickert 2008-07-10 15:11:12 UTC
Created attachment 311487 [details]
full log of fedora-livecd-xfce.ks with livecd-tools-017.1-1.fc9.i386

The resulting iso does not work

Comment 7 Christoph Wickert 2008-07-10 15:16:48 UTC
(In reply to comment #5)
> The output from the 017.1-1 run is 25MB... 

Mine is only 500 Kb, so attached it. The relevant part:

  Installier: selinux-policy-targeted      #####################
[622/856]libsemanage.dbase_llist_query: could not query record value
SELinux:  Could not downgrade policy file
/etc/selinux/targeted/policy/policy.23, searching for an older version.
SELinux:  Could not open policy file <= /etc/selinux/targeted/policy/policy.23:
 No such file or directory
/usr/sbin/load_policy:  Can't load policy:  No such file or directory
libsemanage.semanage_reload_policy: load_policy returned error code 2.
libsemanage.semanage_install_active: Could not copy
/etc/selinux/targeted/modules/active/policy.kern to
/etc/selinux/targeted/policy/policy.23. (No such file or directory).
semodule:  Failed!
libsemanage.semanage_link_sandbox: Could not access sandbox base file
/etc/selinux/targeted/modules/tmp/base.pp. (No such file or directory).


Comment 8 Jeremy Katz 2008-07-10 16:16:06 UTC
cwickert -- yours is pulling from updates, the official spin will be pulling
from the release version only. 

Eric/Dan -- would it be expected to get failures with the new SELinux bits in
livecd-creator without an updated couple of packages?  

Comment 9 Daniel Walsh 2008-07-10 18:51:13 UTC
You need the updated policy and kernel I believe.

Comment 10 Kevin Fenzi 2008-07-10 19:41:47 UTC
In the host running livecd-tools? Or in the chroot?
The host here is F9+all updates here... 

Comment 11 Jeremy Katz 2008-07-10 21:25:35 UTC
Updated policy in the chroot, updated kernel on the host is what my hunch would be

Comment 12 Kevin Fenzi 2008-07-10 22:34:31 UTC
ok, so what do we do for the F9 Xfce spin then?

I would guess use the previous livecd-creator for the spinning on the host? 
If we add the updated policy, then we need a src.rpm image, right? 


Comment 13 Jeremy Katz 2008-07-10 23:43:18 UTC
Yeah, I think that spinning with the F9 livecd-tools is probably the right thing
to do.  Were we doing this concurrent with the release as per the intent, we'd
have been doing that to begin with.

Comment 14 Jeremy Katz 2008-07-16 20:36:18 UTC
And confirmed that that makes things better.  Going to close this as CANTFIX as
fundamentally, the "work with SELinux enforcing" changes kind of require a
packages with fixes being installed.


Note You need to log in before you can comment on or make changes to this bug.