On Mon, 2004-05-31 at 15:08, Erik Fichtner wrote:
So. I've got vanilla FC2 with SELinux loaded and the standard
policy sources loaded on my laptop. For various reasons (low memory
and a general dislike for all things GNOME; primarily), I'm trying to
make good old xdm work and start boring old twm. This requires a
little bit of manhandling within /etc/X11/xdm/Xsession and /etc/inittab.
No big deal here.
[xgk]dm need to be modified to set the SELinux security context for the
session. SELinux support has been upstreamed in gdm. Patches for other
*dm programs have been floating around for some time, e.g. see
http://marc.theaimsgroup.com/?l=selinux&m=107031914600885&w=2. The
other alternative is to try to use pam_selinux, but that wouldn't work
for gdm (pam_open_session is called from the wrong process to set up the
context).
--
Stephen Smalley <sds(a)epoch.ncsc.mil>
National Security Agency