On 03/04/2014 11:59 PM, Frank Knoben wrote:
On 03/04/2014 05:36 PM, Orion Poplawski wrote:
On 03/04/2014 04:02 AM, Frank Knoben wrote:
When I put the lines in the x2gostartagent script
after the
XAUTHORITY=${XAUTHORITY:-"$HOME/.Xauthority"}
line, the permissions will be fixed on login and not on logout. Unfortunately, restorcon sets the permissions to system_u:object_r:default_t:s0 and this does not work on my system.
That's not right. What is your home directory? What does matchpathcon $HOME return?
matchpathcon $HOME returns system_u:object_r:default_t:s0
I switched the default home location from /home/user to /data/user and changed the permissions of /data/user with chcon -R unconfined_u:object_r:user_home_dir_t:s0 /data/user
Home directories are very special in SELinux - a whole policy tree is built based on the base home directory. Usually this is determined automatically from entries in /etc/password, but I suspect you are using LDAP or similar so that SELinux does not know you use /data/user for home directories. To inform it, you should do:
semanage fcontext -a -e /home /data/user
This is from /etc/selinux/semanage.conf.
-- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA/CoRA Division FAX: 303-415-9702 3380 Mitchell Lane orion@cora.nwra.com Boulder, CO 80301 http://www.cora.nwra.com