Progress! .532 boots! -- but dbus/hotplug/udev problems remain?

Tom London selinux at comcast.net
Sun Aug 29 19:32:46 UTC 2004


Russell,

Thanks, but it didn't quite work. The following change to dbusd.te seems
to make graphical login work under strict/enforcing.

Please correct/improve... :)
   tom

--- /root/src.package/policy/domains/program/dbusd.te   2004-08-29 
11:38:27.000000000 -0700
+++ dbusd.te    2004-08-29 12:19:25.000000000 -0700
@@ -32,3 +32,7 @@

 # SE-DBus specific permissions
 allow { dbus_client_domain userdomain } { dbusd_t self }:dbus { send_msg };
+
+allow user_t etc_dbusd_t:dir { search };
+allow user_t etc_dbusd_t:file { getattr read };
+allow user_t user_t:netlink_selinux_socket { bind create };


Russell Coker wrote:

>On Sun, 29 Aug 2004 04:29, Tom London <selinux at comcast.net> wrote:
>  
>
>>Newest Rawhide updates (including udev-030-10, mkinitrd-4.1.8-1,
>>kernel-2.6.8-1.532, and selinux-policy-strict-1.17.5-2)
>>now boots in strict/enforcing.
>>    
>>
>
>I've attached a diff against the CVS policy as well as the .te and .fc files 
>for udev changes which fix this and address some other issues as well.
>
>Please try it out and let me know how it goes.
>
>  
>



More information about the fedora-selinux-list mailing list