| 1 |
I changed in pam.d/kde all include system-auth to include system-local-login. |
| 2 |
Now I'm user_u:user_r:user_t. |
| 3 |
|
| 4 |
Regards, |
| 5 |
Radek |
| 6 |
|
| 7 |
Udo Siewert <algenib@×××××××.com> Saturday 13 of August 2011 04:18:23 |
| 8 |
> On Sat, 13 Aug 2011 00:25:26 +0200 |
| 9 |
> Sven Vermeulen <sven.vermeulen@××××××.be> wrote: |
| 10 |
> |
| 11 |
> Hi, |
| 12 |
> |
| 13 |
> > On Thu, Aug 11, 2011 at 7:25 PM, Udo Siewert <algenib@×××××××.com> |
| 14 |
> > |
| 15 |
> > wrote: |
| 16 |
> > > /usr/bin/kdm system_u:object_r:xdm_exec_t |
| 17 |
> > > /usr/bin/xdm system_u:object_r:xdm_exec_t |
| 18 |
> > > |
| 19 |
> > > When starting KDE by /etc/init.d/xdm 'id -Z' -> |
| 20 |
> > > system_u:system_r:xdm_t |
| 21 |
> > > |
| 22 |
> > > and all KDE processes -> system_u:system_r:xdm_t |
| 23 |
> > |
| 24 |
> > Hmm... assuming xdm works through some PAM configuration, can you |
| 25 |
> > tell me how /etc/conf.d/xdm (or kdm, gdm, whatever) looks like? |
| 26 |
> > |
| 27 |
> > If it doesn't source system-auth (which is where we put the |
| 28 |
> > pam_selinux.so call in) that might be the reason... |
| 29 |
> |
| 30 |
> you put me in the right direction: in /etc/pam.d/kde |
| 31 |
> |
| 32 |
> session required pam_selinux.so open |
| 33 |
> session required pam_selinux.so close |
| 34 |
> |
| 35 |
> was missing (don't know if I messed it up during dispatch-conf or if it |
| 36 |
> is missing by default). |
| 37 |
> |
| 38 |
> Thanks for that! |
| 39 |
> |
| 40 |
> Regards, |
| 41 |
> |
| 42 |
> Udo |
Archives