[DSE-Dev] Bug#781779: not grave
Russell Coker
russell at coker.com.au
Sun Sep 13 23:55:14 UTC 2015
severity 781779 normal
thanks
Firstly this is not a grave bug. Most of the benefits of SE Linux are on
servers so even if it didn't work for a graphical login that wouldn't be a
grave bug.
allow kernel_t systemd_unit_file_t:service { status start };
The above line suggests that your init is running in the wrong domain. Check
your audit.log and see what was running as kernel_t, probably running
restorecon on that will fix it.
#!!!! This avc can be allowed using one of the these booleans:
# allow_execstack, allow_execmem
allow unconfined_t self:process execmem;
Some desktop environments (like KDE) require execmem. Setting allow_execmem
will fix that. See setsebool(8).
Finally I can't do anything more about this without even knowing what desktop
environment is having a problem. I need to know what XDM program and what
desktop environment are being used and if it works with a different XDM or
different desktop environment (twm is good for testing).
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
More information about the SELinux-devel
mailing list