[X2Go-Dev] Bug#438: Bug#438: x2goserver and rhel6.4 / selinux Problem
Orion Poplawski
orion at cora.nwra.com
Wed Mar 5 16:13:59 CET 2014
On 03/04/2014 11:59 PM, Frank Knoben wrote:
> On 03/04/2014 05:36 PM, Orion Poplawski wrote:
>> On 03/04/2014 04:02 AM, Frank Knoben wrote:
>>> When I put the lines in the x2gostartagent script
>>>
>>> after the
>>>
>>> XAUTHORITY=${XAUTHORITY:-"$HOME/.Xauthority"}
>>>
>>> line, the permissions will be fixed on login and not on logout.
>>> Unfortunately, restorcon sets the permissions to
>>> system_u:object_r:default_t:s0
>>> and this does not work on my system.
>>
>> That's not right. What is your home directory? What does
>> matchpathcon $HOME return?
>>
>>
>
> matchpathcon $HOME
> returns system_u:object_r:default_t:s0
>
> I switched the default home location from /home/user to /data/user and
> changed the
> permissions of /data/user with
> chcon -R unconfined_u:object_r:user_home_dir_t:s0 /data/user
Home directories are very special in SELinux - a whole policy tree is
built based on the base home directory. Usually this is determined
automatically from entries in /etc/password, but I suspect you are using
LDAP or similar so that SELinux does not know you use /data/user for
home directories. To inform it, you should do:
semanage fcontext -a -e /home /data/user
This is from /etc/selinux/semanage.conf.
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA/CoRA Division FAX: 303-415-9702
3380 Mitchell Lane orion at cora.nwra.com
Boulder, CO 80301 http://www.cora.nwra.com
More information about the x2go-dev
mailing list