gdm failures? compiler or policy problems?
Tom London
selinux at gmail.com
Sun Aug 21 21:08:39 UTC 2005
On 8/20/05, Tom London <selinux at gmail.com> wrote:
>
> Running strict/enforcing, today's rawhide.
>
> gdm fails to start (many initrc_t/xserver_t type failures).
>
> I would normally guess a missing transition, but there are some reports of
> problems with gcc4/-Os.
>
> Regardless, gdm starts fine in permissive mode.
>
OK..... 2 small 'fixes' seem to make this work:
--- /tmp/xdm.fc 2005-08-21 14:02:59.000000000 -0700
+++ ./xdm.fc 2005-08-21 13:45:22.000000000 -0700
@@ -2,8 +2,8 @@
/usr/bin/[xgkw]dm -- system_u:object_r:xdm_exec_t
/usr/X11R6/bin/[xgkw]dm -- system_u:object_r:xdm_exec_t
/opt/kde3/bin/kdm -- system_u:object_r:xdm_exec_t
-/usr/bin/gpe-dm -- system_u:object_r:xdm_exec_t
-/usr/bin/gdm-binary -- system_u:object_r:xdm_exec_t
+/usr/(s)?bin/gpe-dm -- system_u:object_r:xdm_exec_t
+/usr/(s)?bin/gdm-binary -- system_u:object_r:xdm_exec_t
/var/[xgk]dm(/.*)? system_u:object_r:xserver_log_t
/usr/var/[xgkw]dm(/.*)? system_u:object_r:xserver_log_t
/var/log/[kw]dm\.log -- system_u:object_r:xserver_log_t
And,
--- /tmp/xdm.te 2005-08-21 14:04:29.000000000 -0700
+++ ./xdm.te 2005-08-21 13:44:13.000000000 -0700
@@ -21,7 +21,7 @@
daemon_domain(xdm, `, privuser, privrole, auth_chkpwd, privowner, privmem,
nscd_client_domain')
# for running xdm from init
-domain_auto_trans(init_t, xdm_exec_t, xdm_t)
+domain_auto_trans({ init_t initrc_t }, xdm_exec_t, xdm_t)
allow xdm_t xdm_var_run_t:dir setattr;
tom
--
Tom London
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/selinux/attachments/20050821/4d8810fd/attachment.html
More information about the selinux
mailing list