Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 41022

Summary: Enable SELinux support in >=gdm-2.4.4.5
Product: Gentoo Linux Reporter: Chris PeBenito (RETIRED) <pebenito>
Component: [OLD] GNOMEAssignee: Gentoo Linux Gnome Desktop Team <gnome>
Status: RESOLVED FIXED    
Severity: enhancement    
Priority: Lowest    
Version: unspecified   
Hardware: All   
OS: All   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: remove -lattr linking for SELinux compile

Description Chris PeBenito (RETIRED) gentoo-dev 2004-02-09 14:42:52 UTC 
This is a request to enable the SELinux code in GDM (>=2.4.4.5).  Technically, we're not supporting a desktop SELinux yet, so this isn't critical.  But its nice to have, so potential SELinux desktop devs can use it :)  I've got 2.4.4.5 installed already, and the SELinux code works.

All it requires is this in G2CONF:

`use_with selinux`

This goes in RDEPEND (and DEPEND):

selinux? ( sys-libs/libselinux )

And also a small patch to be applied, which removes the -lattr linking since glibc has these functions now.
Comment 1 Chris PeBenito (RETIRED) gentoo-dev 2004-02-09 14:44:30 UTC 
Created attachment 25297 [details, diff]
remove -lattr linking for SELinux compile
Comment 2 foser (RETIRED) gentoo-dev 2004-02-17 15:45:50 UTC 
added selinux support in gdm-2.4.4.7 .

The patch has been sent upstream i assume ? You mention glibc has this function now, but is this covered in deps ? Is there even the remote possibility that users on older systems don't have this function, Since there seems to be no versioning involved (the selinux glibc dep is versionless) ?
Comment 3 Chris PeBenito (RETIRED) gentoo-dev 2004-02-19 20:23:02 UTC 
The selinux use flag is masked on all non-SELinux profiles.  The selinux profiles enforce the correct glibc (>=2.3).  Actually to make it work right, glibc has to be compiled with linux-headers >=2.4.20, which is also enforced by the profile.

I didn't send the patch upstream because its more of a hack, and I wasn't sure enough to correctly remove the -lattr checks in the configure, since I dont speak autoconf etc.