From: Stephen Smalley <sds@tycho.nsa.gov>
To: Petr Lautrbach <plautrba@redhat.com>, selinux@tycho.nsa.gov
Subject: Re: [PATCH] sandbox: do not run xmodmap in a new X session
Date: Wed, 21 Sep 2016 12:35:43 -0400 [thread overview]
Message-ID: <93b64c45-d155-1ff5-3956-bbf9cbd3d405@tycho.nsa.gov> (raw)
In-Reply-To: <2ad227ec-827a-f1f1-eceb-2290effc3cdf@redhat.com>
On 09/21/2016 12:00 PM, Petr Lautrbach wrote:
> On 09/21/2016 05:39 PM, Petr Lautrbach wrote:
>> xmodmap causes Xephyr X server to reset itself when it's run before wm
>> and even right after wm. It causes termination of the server as we use
>> -terminate. The -terminate option seems be important enough in order not
>> to left running the server when the last client connection is closed.
>>
>> This patch drops the execution of xmodmap from .sandboxrc until there's
>> a better solution.
>>
>
> Note that when I only removed -terminate from Xephyr command line,
> xmodmap didn't modify keymaps anyway.
>
> And using the Fedora patch with "-terminate -reset" is the same as just
> drop "-terminate" as "-reset" overrides "-terminate" option and -reset
> is used by default.
Thanks for investigating it further. Applied.
>
>
>
>
>
>> Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
>> ---
>> policycoreutils/sandbox/sandbox | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/policycoreutils/sandbox/sandbox b/policycoreutils/sandbox/sandbox
>> index 726ba9b..4ed57c1 100644
>> --- a/policycoreutils/sandbox/sandbox
>> +++ b/policycoreutils/sandbox/sandbox
>> @@ -282,7 +282,7 @@ class Sandbox:
>> command += "'%s' " % p
>> fd.write("""#! /bin/sh
>> #TITLE: %s
>> -/usr/bin/test -r ~/.xmodmap && /usr/bin/xmodmap ~/.xmodmap
>> +# /usr/bin/test -r ~/.xmodmap && /usr/bin/xmodmap ~/.xmodmap
>> %s &
>> WM_PID=$!
>> dbus-launch --exit-with-session %s
>>
>
> _______________________________________________
> Selinux mailing list
> Selinux@tycho.nsa.gov
> To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
> To get help, send an email containing "help" to Selinux-request@tycho.nsa.gov.
>
prev parent reply other threads:[~2016-09-21 16:35 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-18 18:39 sandox -X not working with recent Xephyr Laurent Bigonville
2016-09-19 14:39 ` Stephen Smalley
2016-09-19 18:02 ` Petr Lautrbach
2016-09-19 18:26 ` Stephen Smalley
2016-09-19 18:54 ` Laurent Bigonville
2016-09-20 12:49 ` Stephen Smalley
2016-09-20 21:56 ` Petr Lautrbach
2016-09-21 15:39 ` [PATCH] sandbox: do not run xmodmap in a new X session Petr Lautrbach
2016-09-21 16:00 ` Petr Lautrbach
2016-09-21 16:35 ` Stephen Smalley [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=93b64c45-d155-1ff5-3956-bbf9cbd3d405@tycho.nsa.gov \
--to=sds@tycho.nsa.gov \
--cc=plautrba@redhat.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.