[X2Go-Dev] Bug#438: x2goserver and rhel6.4 / selinux Problem
Frank Knoben
admin at igpm.rwth-aachen.de
Fri Feb 28 13:30:36 CET 2014
Hi Mike,
the file permissions only need to be fixed for the next login.
During startup, the xauth command needs the selinux file permissions
of *unconfined_u:object_r:xauth_home_t:s0* or of
*unconfined_u:object_r:user_home_t:s0* to the .Xauthority file,
so that it can overwrite the file with the new Xauthority Information.
After that, everything works fine for the session.
At least for my test, where I did login and opened a terminal window.
Maybe I should try opening some more kde and gnome applications.
On my system, it is ok, when the permissions will be fixed at logout time.
Sincerly
Frank
On 02/28/2014 01:20 PM, Mike Gabriel wrote:
> Hi Frank,
>
> On Fr 28 Feb 2014 13:15:41 CET, Frank Knoben wrote:
>
>> Hi Mike,
>>
>> what about the following solution / proposal for the x2goruncommand
>> script:
>>
>>
>> ....
>> # run logout scripts
>>
>> FIX_XAUTH=`ls -Z $HOME/.Xauthority | egrep default_t`
>> if test -n $FIX_AUTH
>> then
>> /usr/bin/chcon unconfined_u:object_r:xauth_home_t:s0 $HOME/.Xauthority
>> fi
>>
>>
>> test -r /etc/x2go/x2go_logout && . /etc/x2go/x2go_logout
>>
>> ...
>>
>> this fixes the selinux file permission in case, it it set to
>> system_u:object_r:default_t:s0
>> It works on my system.
>>
>> sincerly
>>
>> Frank
>
> The position where you propose adding the fix does not seem right to
> me. As the file permissions will stay "wrong" for the duration of the
> session and will only be corrected after the session has ended.
>
> Do I understand it correctly, that the file permissions need adaptions
> directly after session startup (i.e. after launching the session
> (destop) command)?
>
> Greets,
> Mike
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20140228/9d8cbd03/attachment.html>
More information about the x2go-dev
mailing list