Re: Permissive mode for xace is broken.

Eamon Walsh wrote:
The X object manager logs all avc's and status messages (including the AVC netlink stuff) through the audit system using libaudit calls (audit_log_user_avc_message, etc.). I disavow all responsibility for the messages once they enter libaudit.

It's being black-holed in rawhide. To see for yourself, add the attached patch to the spec file and rebuild the xserver from SRPM. It will tee the avc messages into /var/log/Xorg.0.log.

Also, pull libselinux from upstream.  The BadWindow error may be fixed.

You'll have to report to me what you see in the X server output. I'm seeing tons of avc's: it doesn't appear as though staff_t is even getting X permissions allowed.





--
Eamon Walsh <ewalsh@xxxxxxxxxxxxx>
National Security Agency

>From d4112defb9ab2b099c67a0a7c2ae7ac772d67751 Mon Sep 17 00:00:00 2001
From: Stupid McStupidson <stupid@xxxxxxxxxxx>
Date: Mon, 7 Jan 2008 15:41:22 -0500
Subject: Debugging Test

---
--- a/Xext/xselinux.c.orig	2008-02-25 18:43:14.000000000 -0500
+++ a/Xext/xselinux.c	2008-02-25 18:44:14.000000000 -0500
@@ -496,6 +496,8 @@
     vsnprintf(buf, MAX_AUDIT_MESSAGE_LENGTH, fmt, ap);
     rc = audit_log_user_avc_message(audit_fd, aut, buf, NULL, NULL, NULL, 0);
     va_end(ap);
+
+    ErrorF("%s", buf);
     return 0;
 }
 
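Review bot: the added ErrorF call drops the one value that would show whether libaudit accepted the message. `rc` is assigned from audit_log_user_avc_message() on the line above, but it is never read and the function returns 0 regardless. Since the point of this debugging patch is to find out where the AVC messages disappear, consider printing the return code together with the text, for example `ErrorF("audit rc=%d: %s\n", rc, buf);`. The explicit newline also keeps consecutive records on separate lines in /var/log/Xorg.0.log in case the formatted message in `buf` does not end with one. Passing `buf` through a "%s" format rather than as the format string itself is the right choice and should stay.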
