1 |
On Sat, 13 Aug 2011 00:25:26 +0200 |
2 |
Sven Vermeulen <sven.vermeulen@××××××.be> wrote: |
3 |
|
4 |
Hi, |
5 |
|
6 |
> On Thu, Aug 11, 2011 at 7:25 PM, Udo Siewert <algenib@×××××××.com> |
7 |
> wrote: |
8 |
> |
9 |
> > /usr/bin/kdm system_u:object_r:xdm_exec_t |
10 |
> > /usr/bin/xdm system_u:object_r:xdm_exec_t |
11 |
> > |
12 |
> > When starting KDE by /etc/init.d/xdm 'id -Z' -> |
13 |
> > system_u:system_r:xdm_t |
14 |
> > |
15 |
> > and all KDE processes -> system_u:system_r:xdm_t |
16 |
> > |
17 |
> |
18 |
> Hmm... assuming xdm works through some PAM configuration, can you |
19 |
> tell me how /etc/conf.d/xdm (or kdm, gdm, whatever) looks like? |
20 |
> |
21 |
> If it doesn't source system-auth (which is where we put the |
22 |
> pam_selinux.so call in) that might be the reason... |
23 |
|
24 |
you put me in the right direction: in /etc/pam.d/kde |
25 |
|
26 |
session required pam_selinux.so open |
27 |
session required pam_selinux.so close |
28 |
|
29 |
was missing (don't know if I messed it up during dispatch-conf or if it |
30 |
is missing by default). |
31 |
|
32 |
Thanks for that! |
33 |
|
34 |
Regards, |
35 |
|
36 |
Udo |