-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
1. unconfined_login boolean does not work.
2. either userdom_use_user_terminals needs "open" for user_devpts_t or we have to allow $1_sudo_t open access to user_devpts_t:chr_file.
(allow staff_sudo_t user_devpts_t:chr_file open;)
3. mount needs to mounton var_lock_t directories.
(allow mount_t var_lock_t:dir mounton;)
On 03/26/2011 12:34 PM, Dominick Grift wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- unconfined_login boolean does not work.
Need to look at this.
- either userdom_use_user_terminals needs "open" for user_devpts_t or
we have to allow $1_sudo_t open access to user_devpts_t:chr_file.
(allow staff_sudo_t user_devpts_t:chr_file open;)
It is fixed in selinux-policy-3.9.16-7.fc16 which I need to rebuild.
- mount needs to mounton var_lock_t directories.
(allow mount_t var_lock_t:dir mounton;)
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2N3WoACgkQMlxVo39jgT/+zgCePu/c/MHUlmcOJxFkMS+UWTbl AAMAoLaTbh6Ww6HZMw4NN8Dh/17Qyl6k =jJ2X
-----END PGP SIGNATURE-----
selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03/28/2011 08:49 AM, Miroslav Grepl wrote:
On 03/26/2011 12:34 PM, Dominick Grift wrote:
- unconfined_login boolean does not work.
Need to look at this.
- either userdom_use_user_terminals needs "open" for user_devpts_t or
we have to allow $1_sudo_t open access to user_devpts_t:chr_file.
(allow staff_sudo_t user_devpts_t:chr_file open;)
It is fixed in selinux-policy-3.9.16-7.fc16 which I need to rebuild.
- mount needs to mounton var_lock_t directories.
(allow mount_t var_lock_t:dir mounton;)
We need files_mountpoint(var_lock_t) in F15 and beyond. - -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
selinux@lists.fedoraproject.org