[DSE-Dev] Run gnome-terminal as 'user_u'

Reis, Alberto Silos Alberto.Reis at dieboldnixdorf.com
Tue Jan 24 02:30:31 UTC 2017

Hi Russell,

> What version of systemd are you using? 

My system was installed using a netinst image and by that time the Jessie 8.5 was the stable release and automatically upgraded systemd to version 215-17+deb8u4. Today I restored a snapshot taken just after the installation and loaded that ruleset but got the same behaviour and no further messages were logged.

> I'm surprised at this, I had KDE working well and I didn't think that GNOME required much more access.

There still have permissions to grant in order to support a reasonable experience (ex. pulse audio, telepathy, evolution alarm and etc). 

> If you run "semodule -DB" to build a policy without dontaudit rules it can help find such things.  

I have tried that and "semanage dontaudit" as well but neighter of them added something new to the log.

Alberto Reis

More information about the SELinux-devel mailing list