Red Hat Bugzilla – Bug 436820
too many AVC denials to make individuals bugs to
Last modified: 2018-04-11 15:31:41 EDT
Description of problem:
I have tried to run current Rawhide with SELinux enforcing and X crashes pretty
much everytime after no more than half an hour (now it is almost instant). When
reparsing /var/log/audit with sealert (file/scan logfile) I got A LOT of
different AVC denials.
So, although the primary reason why I have now problems with SELinux is that it
apparently crashes X (bug 436819).
Version-Release number of selected component (if applicable):
[matej@hubmaier ~]$ rpm -qa xorg-x11\*server\*
[matej@hubmaier ~]$ rpm -q selinux-policy-targeted
Created attachment 297468 [details]
needless to say is that I have pretty freshly relabelled hard disk.
Most of these AVC's are related to XWindows policy, which is really in it's
infancy. Although it should not have crashed your xserver.
The only XServer AVC's I see are related to nsplugin.
I am updating policy tonight and I think the next version of xserver will remove
the ability to run xserver as an SELInux policy manager by default.
Fixed in selinux-policy-3.3.1-13.fc9