plymouthd avcs in MLS
Xavier Toth
txtoth at gmail.com
Wed Jan 21 21:25:44 UTC 2009
I'll give it a try on an F10 box when it finishes building.
Ted
On Wed, Jan 21, 2009 at 3:22 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I have sucked it up over the last couple of days and have cleaned up
> most of the MLS avcs in Fedora 11. It now boots up and I can log in in
> enforcing mode.
>
> I would prefer to work with the F11 policy, although this can safely be
> installed on an F10 system.
>
> Tryout 3.6.3-5.f11
>
> I gave the kernel_t the privs to run plymouth, it does not make much
> sense to prevent kernel_t from any of the accesses it needed.
>
> Also wrote most of the policy for wm_t.
>
> Some problems like use of fusermount are going to be tougher to decide
> on what the right thing to do is.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkl3kf0ACgkQrlYvE4MpobNMYwCeOHaZ3GokeMzg8oRrM8vU/S6Q
> sqAAoNlF+b4v0c3pnd7BPb8ljzwMB3Vj
> =WkHm
> -----END PGP SIGNATURE-----
>
More information about the fedora-selinux-list
mailing list