Re: SELinux with 3.2 bpo kernel
Le Fri, 15 Jun 2012 17:44:03 +0300,
Henrik Ahlgren <firstname.lastname@example.org> a écrit :
> On Fri, Jun 15, 2012 at 02:12:47PM +0100, Ben Hutchings wrote:
> > Do you have 'security=selinux' on the kernel command line?
> Ahh, of course, that helped. Thank you.
> There is still some weirdness, like id -Z reporting
> "system_u:system_r:initrc_t:s0" for normal in X11 session (in virtual
> console session it's the normal-sounding "unconfined"), but that does
> not seem to be kernel-related.
You need to add call to pam_selinux module in the pam configuration,
there are 2 calls that needs to be done, see /etc/pam.d/login.
This should be fixed in wheezy for most desktop manager