[X2Go-Dev] Bug#438: x2goserver and rhel6.4 / selinux Problem
Frank Knoben
admin at igpm.rwth-aachen.de
Fri Feb 28 14:56:43 CET 2014
Hi Mike,
I gave some more thoughts to your remark, that the position is the wrong
one.
And you were right. On a system, where users work interactively at an
attached
screen and use x2go for accessing the system remotely, the fix won't
work at that
position. There it should be just before the .Xauthority file is
accessed. I will
see on tuesday, wether I can find that position.
Sincerly
Frank
On 28.02.2014 13:20, Mike Gabriel wrote:
> Hi Frank,
>
> On Fr 28 Feb 2014 13:15:41 CET, Frank Knoben wrote:
>
>> Hi Mike,
>>
>> what about the following solution / proposal for the x2goruncommand
>> script:
>>
>>
>> ....
>> # run logout scripts
>>
>> FIX_XAUTH=`ls -Z $HOME/.Xauthority | egrep default_t`
>> if test -n $FIX_AUTH
>> then
>> /usr/bin/chcon unconfined_u:object_r:xauth_home_t:s0 $HOME/.Xauthority
>> fi
>>
>>
>> test -r /etc/x2go/x2go_logout && . /etc/x2go/x2go_logout
>>
>> ...
>>
>> this fixes the selinux file permission in case, it it set to
>> system_u:object_r:default_t:s0
>> It works on my system.
>>
>> sincerly
>>
>> Frank
>
> The position where you propose adding the fix does not seem right to
> me. As the file permissions will stay "wrong" for the duration of the
> session and will only be corrected after the session has ended.
>
> Do I understand it correctly, that the file permissions need adaptions
> directly after session startup (i.e. after launching the session
> (destop) command)?
>
> Greets,
> Mike
>
>
More information about the x2go-dev
mailing list