Ubuntu
refpolicy-ubuntu package

selinux casue lightdm error

Bug #1296103 reported by bravezilong on 2014-03-22

10

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	refpolicy-ubuntu (Ubuntu)	Confirmed	Undecided	Unassigned

Bug Description

In the Ubuntu 12.04.2, When I replaced apparmor with selinux. lightdm display manager didn't run.

ProblemType: Bug
DistroRelease: Ubuntu 12.04.2
Package: selinux-policy-ubuntu 0.2.20091117-0ubuntu2
Architecture: i386
SourcePackage: refpolicy-ubuntu 0.2.20091117-0ubuntu2
UpgradeStatus: No upgrade log present (probably fresh install)

[Impact]
This problem is about security.

[Test case]
1) Remove the Apparmor by using following command.
sudo apt-get purge Apparmor
2) Install the selinux by using following command.
sudo apt-get install selinux
3) Set selinux to enforcing mode.
4) Reboot system.

As result, lightdm is failed.

So I tried to solve,
by changing the context of the LightDM executable to xdm_exec_t with the command "chcon -t xdm_exec_t /usr/sbin/lightdm".

As result, lightdm was executed, But I had must wait for long time about 5 minutes.

I guess, lightdm have some code that have timeout to access to any socket access denied by selinux.

If this problem is fixed ASAP, we'll more happy, and Ubuntu is more grow up.

Thanks for your time.

See original description

Revision history for this message

Seth Arnold (seth-arnold) wrote on 2014-03-24: Bug is not a security issue

#1

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

information type:

Private Security → Public

Revision history for this message

manlonglive (manlonglive) wrote on 2014-03-25:

#2

Hi,
I think so.
I want that this bug is fixed very quickly.
Thanks.

Revision history for this message

jinkeli (k2h-211) wrote on 2014-03-25:

#3

Hi,
Such problems are found in my system.
I think that there are problems in SELinux ubuntu policy.
I think that Experts interesting with SELinux, lightdm, dbus will solve the this problem.

bravezilong (bravezilong) on 2014-03-25

affects:

refpolicy (Ubuntu) → refpolicy-ubuntu (Ubuntu)

Revision history for this message

rian (rianrian1027) wrote on 2014-03-25:

#4

Hi.
The last time I was discover like upper issue, too.
So I hope to resolve as soon as possible.
And i believe this bug would be resolved as soon.
I will wait happy news.
Thank you.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-03-25:

#5

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in refpolicy-ubuntu (Ubuntu):
status:	New → Confirmed

Revision history for this message

Jing Wang (prepangolin) wrote on 2014-03-25:

#6

Hi, bravezilong.

I 'm not a SElinux dev nor lightdm dev.
I think that SElinux + Ubuntu is valuable efforts because it makes Ubuntu better.
So I'm interested in your bug.
There is something deep problem in this problem. It's very fancy.
But no trouble is no success.
Cheer up.

bravezilong (bravezilong) on 2015-08-12

description:	updated
description:	updated

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.