gnome login broken.... "null" avcs...
Daniel J Walsh
dwalsh at redhat.com
Thu Feb 28 18:06:12 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tom London wrote:
> On Thu, Feb 28, 2008 at 7:41 AM, Tom London <selinux at gmail.com> wrote:
>> After applying today's selinux-policy* packages, gnome/gdm login
>> fails: gdmgreeter runs, but X quickly dies after enter password and
>> you're back to the greeter.
>>
>> Booting up in permissive lets me log in.
>>
>> Here are the borkages:
>>
>>
>> #============= mono_t ==============
>> allow mono_t xdm_xserver_t:x_device read;
>>
>> #============= unconfined_execmem_t ==============
>> allow unconfined_execmem_t xdm_xserver_t:x_device read;
>>
>> #============= unconfined_t ==============
>> allow unconfined_t mono_t:x_resource write;
>> allow unconfined_t unconfined_execmem_t:x_resource { write read };
>> allow unconfined_t unlabeled_t:x_drawable { destroy getattr };
>> [root at localhost ~]#
>>
>> I attach complete log file.
>>
>> This something to do with new X keyboard confinement stuff?
>>
>> tom
>> --
>> Tom London
>>
>
> Reverting to selinux-policy-3.3.1-4.fc9.noarch fixes.....
>
> tom
Did you have the xserver_object_manager boolean turned on? This should
only have effected those machines, that were dumb^wadventuresome enough
to turn this on.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkfG+BQACgkQrlYvE4MpobNnRQCfbNeuVabGA9dUfo9X1yBlvGKH
73QAnjcUlJH1Xgabj3Mbopz7rCgMMwxr
=+82k
-----END PGP SIGNATURE-----
More information about the fedora-selinux-list
mailing list