I'm still getting only text-based boots when running with strict/enforcing,
but graphical boots if I set 'enforcing=0'
Here are entries from the log from a strict/enforcing boot:
Jul 31 11:16:23 fedora kernel: SELinux: initialized (dev sockfs, type
sockfs), uses task SIDs
Jul 31 11:16:23 fedora kernel: SELinux: initialized (dev proc, type
proc), uses
genfs_contexts
Jul 31 11:16:23 fedora kernel: SELinux: initialized (dev bdev, type
bdev), uses
genfs_contexts
Jul 31 11:16:23 fedora kernel: SELinux: initialized (dev rootfs, type
rootfs), uses genfs_contexts
Jul 31 11:16:23 fedora kernel: SELinux: initialized (dev sysfs, type
sysfs), uses genfs_contexts
Jul 31 11:16:23 fedora kernel: audit(1091272545.625:0): avc: denied {
mounton
} for pid=533 exe=/usr/bin/rhgb path=/initrd dev=ram0 ino=2
scontext=system_u:system_r:rhgb_t tcontext=system_u:object_r:file_t
tclass=dir
Jul 31 11:16:23 fedora kernel: audit(1091272545.625:0): avc: denied {
sys_admin } for pid=533 exe=/usr/bin/rhgb capability=21
scontext=system_u:system_r:rhgb_t tcontext=system_u:system_r:rhgb_t
tclass=capability
Here are log entries from an 'enforcing=0' boot:
Jul 29 20:40:38 fedora kernel: SELinux: initialized (dev sockfs, type
sockfs), uses task SIDs
Jul 29 20:40:38 fedora kernel: SELinux: initialized (dev proc, type
proc), uses
genfs_contexts
Jul 29 20:40:38 fedora kernel: SELinux: initialized (dev bdev, type
bdev), uses
genfs_contexts
Jul 29 20:40:38 fedora kernel: SELinux: initialized (dev rootfs, type
rootfs), uses genfs_contexts
Jul 29 20:40:38 fedora kernel: SELinux: initialized (dev sysfs, type
sysfs), uses genfs_contexts
Jul 29 20:40:38 fedora kernel: audit(1091133597.795:0): avc: denied {
mounton
} for pid=533 exe=/usr/bin/rhgb path=/initrd dev=ram0 ino=2
scontext=system_u:system_r:rhgb_t tcontext=system_u:object_r:file_t
tclass=dir
Jul 29 20:40:38 fedora kernel: SELinux: initialized (dev ramfs, type
ramfs), uses genfs_contexts
Jul 29 20:40:38 fedora kernel: audit(1091133597.795:0): avc: denied {
mount }
for pid=533 exe=/usr/bin/rhgb name=/ dev=ramfs ino=1291
scontext=system_u:system_r:rhgb_t tcontext=system_u:object_r:ramfs_t
tclass=filesystem
Jul 29 20:40:38 fedora kernel: audit(1091133598.713:0): avc: denied {
search } for pid=534 exe=/usr/bin/rhgb name=run dev=hda2 ino=4456484
scontext=system_u:system_r:rhgb_t tcontext=system_u:object_r:var_run_t
tclass=dir
tom