Tom London wrote:
Running strict/enforcing, latest Rawhide....
X fails to come up, etc.
Looks like allow XXXX udev_tdb_t:dir r_dir_perms; is needed pretty generally, especially for xdm_t, xdm_server_t, ptal_t, pam_console_t, lvm_t, hald_t, gpm_t, cupsd_t. Even user_t seems to want it for configuring esd.
Should this be added to macros somewhere?
tom
Does this solve the problem?
diff -u global_macros.te~ global_macros.te --- global_macros.te~ 2004-12-22 11:18:14.000000000 -0500 +++ global_macros.te 2004-12-22 12:56:43.883461279 -0500 @@ -242,7 +242,7 @@ allow $1_t { self proc_t }:dir r_dir_perms; allow $1_t { self proc_t }:lnk_file read;
-allow $1_t device_t:dir { getattr search }; +r_dir_file($1_t, device_t) allow $1_t null_device_t:chr_file rw_file_perms; dontaudit $1_t console_device_t:chr_file rw_file_perms; dontaudit $1_t unpriv_userdomain:fd use;