* Problem logging into GDM after SELinux enable
@ 2005-01-25 8:34 Tom Wesley
2005-01-25 12:35 ` Stephen Smalley
0 siblings, 1 reply; 2+ messages in thread
From: Tom Wesley @ 2005-01-25 8:34 UTC (permalink / raw)
To: SELinux
[-- Attachment #1: Type: text/plain, Size: 683 bytes --]
Hi,
Hopefully I've managed to follow the "conversion guide" on the Gentoo
website and have run into a problem after the initial setup.
When logging in using GDM I get a message saying "Unable to set default
execution context" and it returns me to the login screen.
I'm also getting
Jan 21 22:54:08 tom GDM[30170]: SELinux GDM login: unable to obtain
default security context for tom.
in /var/log/messages.
I have
user tom roles { staff_r staff_r sysadm_r };
in my users file and have rebuilt the profile, loaded it and relabeled
the file system but am still getting the same message.
Does anyone have any ideas what I should try next?
--
Tom Wesley <tom@tomaw.org>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 256 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Problem logging into GDM after SELinux enable
2005-01-25 8:34 Problem logging into GDM after SELinux enable Tom Wesley
@ 2005-01-25 12:35 ` Stephen Smalley
0 siblings, 0 replies; 2+ messages in thread
From: Stephen Smalley @ 2005-01-25 12:35 UTC (permalink / raw)
To: Tom Wesley; +Cc: SELinux
On Tue, 2005-01-25 at 03:34, Tom Wesley wrote:
> Hi,
>
> Hopefully I've managed to follow the "conversion guide" on the Gentoo
> website and have run into a problem after the initial setup.
>
> When logging in using GDM I get a message saying "Unable to set default
> execution context" and it returns me to the login screen.
>
> I'm also getting
>
> Jan 21 22:54:08 tom GDM[30170]: SELinux GDM login: unable to obtain
> default security context for tom.
>
> in /var/log/messages.
>
> I have
>
> user tom roles { staff_r staff_r sysadm_r };
>
> in my users file and have rebuilt the profile, loaded it and relabeled
> the file system but am still getting the same message.
>
> Does anyone have any ideas what I should try next?
I was under the impression that Hardened Gentoo only supports SELinux on
servers, not desktop systems. Thus, they may not include the portions
of the example policy related to X, [xgk]dm, etc. Do you have an
xserver.te and xdm.te file in your policy/domains/program directory, and
xserver_macros.te under policy/macros/program? If not, you could try
porting from the example policy, but that is likely to be difficult
given the amount of divergence between the policies. Fedora Core 3
includes support (but remember to switch to strict policy, as the
default is targeted).
--
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-01-25 12:41 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-01-25 8:34 Problem logging into GDM after SELinux enable Tom Wesley
2005-01-25 12:35 ` Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.