SELinux deny gdm-binary to access /boot

Daniel J Walsh dwalsh at
Thu Nov 15 16:37:33 UTC 2007

Hash: SHA1

Mitsuho Iizuka wrote:
> Hi,
> Clean installed Fedora 8 x86_64 gives following error. Could you
> give me a hint to solve ?
>    SELinux Troubleshooting:
>       SELinux deny gdm-binary to access /boot (exactly in japanese)
> access is get attribute. Troubleshooting give me a hint to
> restorecon -v /boot. But it is strage to access boot. I can't find
> any file to access /boot partition when I log in. I deleted partitions
> to install fedora 8(/boot and /), and I selected the fedora install
> menu to install Fedora 8 against empty partitions. Of course, I tried
> above hint(restorecon -v -R /boot), but Troubleshooting application
> have been give the same warning(error?).
> // M.Iiz
If you chcon -t bin_t /usr/sbin/gdm

Does the problem disappear?

/usr/sbin/gdm is a shell script and it is executing

test -f /etc/profile && . /etc/profile

Which could be causing some of these spurious denials.  We should not be
labeling the script as xdm_exec_t since that is the label on gdm-binary.

I will make this change in selinux-policy-3.0.8-56
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora -


More information about the fedora-list mailing list