On 8/20/05, <b class="gmail_sendername">Tom London</b> <<a href="mailto:selinux@gmail.com">selinux@gmail.com</a>> wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">

Running strict/enforcing, today's rawhide.<br><br>gdm fails to start (many initrc_t/xserver_t type failures).<br><br>I would normally guess a missing transition, but there are some reports of problems with gcc4/-Os.<br><br>


Regardless, gdm starts fine in permissive mode.<br><span class="sg">

</span></blockquote></div><br>OK..... 2 small 'fixes' seem to make this work:<br><br>--- /tmp/xdm.fc 2005-08-21 14:02:59.000000000 -0700<br>+++ ./xdm.fc    2005-08-21 13:45:22.000000000 -0700<br>@@ -2,8 +2,8 @@<br> /usr/bin/[xgkw]dm      --      system_u:object_r:xdm_exec_t
<br> /usr/X11R6/bin/[xgkw]dm        --      system_u:object_r:xdm_exec_t<br> /opt/kde3/bin/kdm      --      system_u:object_r:xdm_exec_t<br>-/usr/bin/gpe-dm                --      system_u:object_r:xdm_exec_t<br>-/usr/bin/gdm-binary    --      system_u:object_r:xdm_exec_t
<br>+/usr/(s)?bin/gpe-dm            --      system_u:object_r:xdm_exec_t<br>+/usr/(s)?bin/gdm-binary        --      system_u:object_r:xdm_exec_t<br> /var/[xgk]dm(/.*)?             system_u:object_r:xserver_log_t<br> /usr/var/[xgkw]dm(/.*)?                system_u:object_r:xserver_log_t
<br> /var/log/[kw]dm\.log   --      system_u:object_r:xserver_log_t<br><br>And,<br><br>--- /tmp/xdm.te 2005-08-21 14:04:29.000000000 -0700<br>+++ ./xdm.te    2005-08-21 13:44:13.000000000 -0700<br>@@ -21,7 +21,7 @@<br> daemon_domain(xdm, `, privuser, privrole, auth_chkpwd, privowner, privmem, nscd_client_domain')
<br><br> # for running xdm from init<br>-domain_auto_trans(init_t, xdm_exec_t, xdm_t)<br>+domain_auto_trans({ init_t initrc_t }, xdm_exec_t, xdm_t)<br><br> allow xdm_t xdm_var_run_t:dir setattr;<br><br>tom<br clear="all">
-- <br>
Tom London