SELinux deny gdm-binary to access /boot
Daniel J Walsh
dwalsh at redhat.com
Thu Nov 15 16:37:33 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mitsuho Iizuka wrote:
> Hi,
>
> Clean installed Fedora 8 x86_64 gives following error. Could you
> give me a hint to solve ?
>
> SELinux Troubleshooting:
> SELinux deny gdm-binary to access /boot (exactly in japanese)
>
> access is get attribute. Troubleshooting give me a hint to
> restorecon -v /boot. But it is strage to access boot. I can't find
> any file to access /boot partition when I log in. I deleted partitions
> to install fedora 8(/boot and /), and I selected the fedora install
> menu to install Fedora 8 against empty partitions. Of course, I tried
> above hint(restorecon -v -R /boot), but Troubleshooting application
> have been give the same warning(error?).
>
> // M.Iiz
If you chcon -t bin_t /usr/sbin/gdm
Does the problem disappear?
/usr/sbin/gdm is a shell script and it is executing
test -f /etc/profile && . /etc/profile
Which could be causing some of these spurious denials. We should not be
labeling the script as xdm_exec_t since that is the label on gdm-binary.
I will make this change in selinux-policy-3.0.8-56
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFHPHXMrlYvE4MpobMRArQ/AJ9rJ+doaoG29BCfmM4JilUt9rXpVQCgsqzp
YabqNPU5cns+F9XSQukHKkU=
=xKye
-----END PGP SIGNATURE-----
More information about the fedora-list
mailing list