Package: systemd
Version: 44-2
Severity: normal
restorecon reset /run/user context
system_u:object_r:var_run_t:s0->system_u:object_r:var_auth_t:s0
restorecon reset /run/systemd/users context
system_u:object_r:init_var_run_t:s0->system_u:object_r:systemd_logind_var_run_t:s0
restorecon reset /run/systemd/sessions context
system_u:object_r:init_var_run_t:s0->system_u:object_r:systemd_logind_sessions_t:s0
restorecon reset /run/systemd/seats context
system_u:object_r:init_var_run_t:s0->system_u:object_r:systemd_logind_var_run_t:s0
When I run "restorecon -R -v /run" after booting a system I get the above
messages.
I modified /usr/lib/tmpfiles.d/systemd.conf to add "z" lines for SE Linux
labelling but it doesn't change anything.
[ 110.665199] type=1400 audit(1340281170.440:9): avc: granted { create } for
pid=895 comm="systemd-tmpfile" name="user"
scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:var_run_t:s0 tclass=dir
The above audit record is from systemd-tmpfile creating /run/user and it
doesn't label it.
It seems that src/login/logind-seat.c, src/login/logind-session.c, and
src/login/logind-user.c are responsible for creating /run/systemd/seats,
/run/systemd/sessions, and /run/systemd/users respectively. I guess that the
code there isn't doing what is expected.
I'll upload policy that supports systemd to Unstable shortly which will allow
you to test this properly.
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages systemd depends on:
ii dpkg 1.16.4.3
ii initscripts 2.88dsf-27
ii libacl1 2.2.51-8
ii libaudit0 1:1.7.18-1.1
ii libc6 2.13-33
ii libcap2 1:2.22-1.1
ii libcryptsetup4 2:1.4.3-2
ii libdbus-1-3 1.6.0-1
ii libkmod2 8-2
ii liblzma5 5.1.1alpha+20120614-1
ii libpam0g 1.1.3-7.1
ii libselinux1 2.1.9-5
ii libsystemd-daemon0 44-2
ii libsystemd-id128-0 44-2
ii libsystemd-journal0 44-2
ii libsystemd-login0 44-2
ii libudev0 175-3.1
ii libwrap0 7.6.q-23
ii udev 175-3.1
ii util-linux 2.20.1-5
Versions of packages systemd recommends:
pn libpam-systemd <none>
Versions of packages systemd suggests:
ii python 2.7.3~rc2-1
ii python-cairo 1.8.8-1+b2
ii python-dbus 1.1.0-1
pn systemd-gui <none>
-- no debconf information
-- debsums errors found:
debsums: changed file /usr/lib/tmpfiles.d/systemd.conf (from systemd package)
Here is the changed file:
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# See tmpfiles.d(5) for details
d /run/user 0755 root root 10d
z /run/user - - - -
F /run/utmp 0664 root utmp -
f /var/log/wtmp 0664 root utmp -
f /var/log/btmp 0600 root utmp -
d /var/cache/man - - - 30d
r /forcefsck
r /forcequotacheck
r /fastboot
d /run/systemd/ask-password 0755 root root -
d /run/systemd/seats 0755 root root -
d /run/systemd/sessions 0755 root root -
d /run/systemd/users 0755 root root -
z /run/systemd/seats - - - -
z /run/systemd/sessions - - - -
z /run/systemd/users - - - -
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
