Stephen wrote: > Why is it necessary to download and rebuild the source policy? Did they build it as a monolithic policy? Yes, the policy rpm from OpenSuse 11.2 is monolithic. >> setsebool -P init_upstart=on >> setsebool -P xdm_sysadm_login=on >> setsebool -P xserver_object_manager=on > I think you only need the first boolean setting. > And we should likely introduce an ifdef for suse in refpolicy that always disables that > transition so that you don't have to artificially turn on that boolean. Ok > It would be useful to see the raw audit message with what directory/file is being accessed. > tmpfs_t indicates a tmpfs mount, which might mean you have a mislabeled tmpfs mount (e.g. > /dev is a tmpfs mount that should be relabeled by rc.sysinit via restorecon -R /dev). See attached raw audit messages from the most recent boot.
Attachment:
audit.log
Description: audit.log
