type=AVC msg=audit(1554917007.995:194): avc: denied { execute } for pid=7647 comm="lightdm" name="plymouth" dev="dm-1" ino=6508817 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:plymouth_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1554917007.995:194): avc: denied { read open } for pid=7647 comm="lightdm" path="/usr/bin/plymouth" dev="dm-1" ino=6508817 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:plymouth_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1554917007.995:194): avc: denied { execute_no_trans } for pid=7647 comm="lightdm" path="/usr/bin/plymouth" dev="dm-1" ino=6508817 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:plymouth_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1554917007.995:194): avc: denied { map } for pid=7647 comm="plymouth" path="/usr/bin/plymouth" dev="dm-1" ino=6508817 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:plymouth_exec_t:s0 tclass=file permissive=1
Signed-off-by: Dave Sugar <dsugar@xxxxxxxxxx>
---
policy/modules/services/xserver.te | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
index a2b08a89..38c28678 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -615,6 +615,10 @@ optional_policy(`
mta_dontaudit_getattr_spool_files(xdm_t)
')
+optional_policy(`
+ plymouthd_domtrans_plymouth(xdm_t)
+')
+
optional_policy(`
resmgr_stream_connect(xdm_t)
')
--
2.20.1
