On Mon, 28 Oct 2002 14:01, Achim Bohnet wrote:
> > > > avc: denied { search } for pid=2935 exe=/usr/X11R6/bin/XFree86
> > > > path=/rjc/.kde dev=03:07 ino=2673 scontext=rjc:user_r:user_xserver_t
> > > > tcontext=system_u:object_r:user_home_t tclass=dir
> > > >
> > > > Why would XFree86 be attempting to search my ~/.kde directory soon
> > > > after "startx" is run? Searching a directory means opening a file or
> > > > directory that is under that directory or changing directory to that
> > > > directory.
> > >
> > > Ummpfff. /usr/bin/kde3 plays again games with the font path :(
> > > Should be at least be wrapped with something like:
> >
> > I'm not sure I understand your message, are you suggesting that the kde3
> > script adds a directory under ~/.kde to the font path before the X server
> > is started?
>
> It checks for some path and if exists adds them via xset to fontpath
> (search for 'font' in /usr/bin/kde3) after X server is started.
Thanks for that, I understand now.
What do you think I should do for the default SE Linux security policy in this
regard? Should I setup dontaudit rules so that users aren't bothered by such
messages? Or would that be too likely to confuse people who have font paths
in their home directory?
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
