On 12/04/2009 05:51 PM, Eamon Walsh wrote: > On 12/04/2009 10:59 AM, Tyler Durvik wrote: >> I turned on the boolean: >> >> setsebool -P xserver_object_manager on >> >> and now I get the following in my Xorg.0.log file: >> >> SELinux: Invalid object class mapping, disabling SELinux support. >> >> Should I try the latest policy from oss.tresys.com? Would the >> upstream reference policy fix this error? >> >> Thanks, >> Mark >> >> > > OK, that error is because the x_pointer and x_keyboard object classes > haven't made it into F-12 policy yet. > > You could try the upstream policy. I'd recommend sticking with the > Fedora policy though, because I'm getting AVC's from upstream (at least > on rawhide) and upstream is not tuned for Fedora. If you do compile > from upstream make sure to set the "init_upstart" boolean to true or > everything gets out of whack at boot time. > > If you're willing to rebuild the F-12 policy, you can add the attached > patch which will fix the error above and allow the SELinux extension to > run. As soon as I can get the rest of the new X policy ported I'll send > it to Dan. > > > > > > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Latest XServer policy will be in selinux-policy-3.7.4-7.fc13.noarch -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
