PERFORCE change 42983 for review
Robert Watson
rwatson at FreeBSD.org
Mon Nov 24 04:11:41 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=42983
Change 42983 by rwatson at rwatson_paprika on 2003/11/23 20:10:56
Add instructions to set the label on RealWindowServer after
booting tin single-user mode, or you won't be able to log in
when in enforcing mode.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin/bootstrap_instructions.txt#22 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin/bootstrap_instructions.txt#22 (text+ko) ====
@@ -299,4 +299,17 @@
Step 18: Reboot
At this point, you should now have a new Darwin kernel, support libraries,
- command line tools, and configuration files installed. Reboot.
+ command line tools, and configuration files installed. Reboot to single-
+ user mode by pressing Command-S during the boot. Check the file system
+ and mount the root file system writable:
+
+ /sbin/fsck -y
+ /sbin/mount -uw /
+
+ Now set the label on the WindowServer binary so that it can transition
+ during login:
+
+ setfmac sebsd/system_u:object_r:login_exec_t \
+ /System/Library/CoreServices/RealWindowServer
+
+ Missing this step will result in login attempts failing.
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list