[X2Go-Dev] Bug#438: Bug#438: x2goserver and rhel6.4 / selinux Problem
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Wed Mar 5 22:20:47 CET 2014
Control: tag -1 not-a-bug
Hi Frank, hi Orion,
On Mi 05 Mär 2014 16:13:59 CET, Orion Poplawski wrote:
> On 03/04/2014 11:59 PM, Frank Knoben wrote:
>> On 03/04/2014 05:36 PM, Orion Poplawski wrote:
>>> On 03/04/2014 04:02 AM, Frank Knoben wrote:
>>>> When I put the lines in the x2gostartagent script
>>>>
>>>> after the
>>>>
>>>> XAUTHORITY=${XAUTHORITY:-"$HOME/.Xauthority"}
>>>>
>>>> line, the permissions will be fixed on login and not on logout.
>>>> Unfortunately, restorcon sets the permissions to
>>>> system_u:object_r:default_t:s0
>>>> and this does not work on my system.
>>>
>>> That's not right. What is your home directory? What does
>>> matchpathcon $HOME return?
>>>
>>>
>>
>> matchpathcon $HOME
>> returns system_u:object_r:default_t:s0
>>
>> I switched the default home location from /home/user to /data/user and
>> changed the
>> permissions of /data/user with
>> chcon -R unconfined_u:object_r:user_home_dir_t:s0 /data/user
>
> Home directories are very special in SELinux - a whole policy tree is
> built based on the base home directory. Usually this is determined
> automatically from entries in /etc/password, but I suspect you are using
> LDAP or similar so that SELinux does not know you use /data/user for
> home directories. To inform it, you should do:
>
> semanage fcontext -a -e /home /data/user
>
> This is from /etc/selinux/semanage.conf.
@Orion: thanks for giving support on this issue.
Do I understand it correctly, that the observed issues are not X2Go
related, but rather caused by a non-default setup?
Mike
--
DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digitale PGP-Signatur
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20140305/f74a8058/attachment.pgp>
More information about the x2go-dev
mailing list