[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: avc: smartcard token login



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/05/2010 09:41 PM, Mr Dash Four wrote:
> 
>> add these two:
>>
>> openct_stream_connect(local_login_t)
>>
>> # assuming it may also want to stream connect to openct, in either case
>> this is the only existing interface that allows access to write
>> openct_var_run_t pid sock files.
>>
>> openct_signull(local_login_t)
>>   
> There you go, thank you!
> 
> There is one slight problem with this though - the above 3 macros
> (openct_read_pid_files, openct_stream_connect and openct_signull) CANNOT
> be directly inserted in locallogin.te as locallogin is a 'base' module
> (part of the policy) as openct is just a 'module' and if the above 3
> macros are in locallogin.te that will produce out-of-scope error, so I
> do not know how this is going to be resolved without additional module
> or doing something else - my knowledge is still not enough to figure it
> out...
> 

report a bugzilla with this url, then hopefully it will get merged soon
into fedora and it will be fixed in a forthcoming update:

http://lists.fedoraproject.org/pipermail/selinux/2010-December/013292.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkz7+qIACgkQMlxVo39jgT+NPQCfUSig/GzyvwTwJepErSu5QtCQ
7vEAoIMgDhchr+8TA12kIlhwhGbTfI0i
=64Ao
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux


[Fedora Users]     [Fedora Legacy]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite Photos]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

Powered by Linux

Google
  Web www.spinics.net