Date: Sun, 23 Nov 2003 20:11:41 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 42983 for review Message-ID: <200311240411.hAO4Bfhd053694@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=42983 Change 42983 by rwatson@rwatson_paprika on 2003/11/23 20:10:56 Add instructions to set the label on RealWindowServer after booting tin single-user mode, or you won't be able to log in when in enforcing mode. Affected files ... .. //depot/projects/trustedbsd/sedarwin/bootstrap_instructions.txt#22 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/bootstrap_instructions.txt#22 (text+ko) ==== @@ -299,4 +299,17 @@ Step 18: Reboot At this point, you should now have a new Darwin kernel, support libraries, - command line tools, and configuration files installed. Reboot. + command line tools, and configuration files installed. Reboot to single- + user mode by pressing Command-S during the boot. Check the file system + and mount the root file system writable: + + /sbin/fsck -y + /sbin/mount -uw / + + Now set the label on the WindowServer binary so that it can transition + during login: + + setfmac sebsd/system_u:object_r:login_exec_t \ + /System/Library/CoreServices/RealWindowServer + + Missing this step will result in login attempts failing.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200311240411.hAO4Bfhd053694>