On Fri, 2011-07-01 at 09:56 -0400, Stephen Smalley wrote: > On Fri, 2011-06-24 at 14:44 +0000, c.r.madhusudhanan@xxxxxxxxx wrote: > > Thanks Daniel, Stephen. > > > > I am able to get init_t, local_login_t for init, and login > > respectively. > > The mistake was tat I missed relabeling the file system, so all the > > executable was in the type file_t. > > > > But it looks my problem still remains somehow, so that when I try > > login it still shows me wrong domain/type. > > > > When I login using 'login' (tty1), the context shows as > > user_u:user_r:chkpwd_t and when I check in the X (auto login to user > > 'meego' using 'uxlaunch') shows as user_u:user_r:consoletype_t. > > > > Attached is the "ps -aeZ" after relabeling the system. > > Going back to this ps output, I think you'll need some policy changes to > support MeeGo's uxlaunch approach to starting a user desktop. You need > uxlaunch to transition into a domain suitable for user login like xdm_t > (used for gdm/xdm/kdm) rather than running in init_t or we won't get the > expected transitions for user domains. And given that, you might want to take this conversation over to the refpolicy list as it becomes a policy configuration issue for MeeGo. http://oss.tresys.com/mailman/listinfo/refpolicy -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.