Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-62817

gnome-shell gets killed after using 01-appraise-exectuables-and-lib-signatures policy

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • rhel-9.6
    • rhel-9.5
    • ima-evm-utils
    • None
    • No
    • None
    • rhel-sst-kernel-security
    • ssg_core_kernel
    • 14
    • 18
    • 3
    • Dev ack
    • False
    • Hide

      None

      Show
      None
    • None
    • Red Hat Enterprise Linux
    • None
    • None
    • None
    • None

      What were you trying to do that didn't work?

      After loading /usr/share/ima/policies/01-appraise-exectuables-and-lib-signatures policy, gnome-shell gets killed after restarting gdm.

      What is the impact of this issue to you?

      Please provide the package NVR for which the bug is seen:

      ima-evm-utils-1.5-2.el9.x86_64

      How reproducible is this bug?:

      always

      Steps to reproduce

      1. Download RHEL9.5 cloud image (e.g from http://download.devel.redhat.com/rhel-9/nightly/RHEL-9/latest-RHEL-9.5.0/compose/BaseOS/x86_64/images/
      2. dnf --setopt=install_weak_deps=False install gnome-shell -y
      3. Add IMA signatures to installed packages: ima-add-sigs --package=ALL 
      4. Load IMA policy: echo /usr/share/ima/policies/01-appraise-exectuables-and-lib-signatures > /sys/kernel/security/ima/policy 
      5. Start gdm: systemctl start gdm

      Expected results

      A login screen is presented

      Actual results

      A black screen is shown.

              coxu@redhat.com Coiby Xu
              coxu@redhat.com Coiby Xu
              Coiby Xu Coiby Xu
              Dennis Li Dennis Li
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: