On 12/30/2009 11:14 AM, Göran Uddeborg wrote:
Dominick Grift:
> Well for starters the file is mislabeled:
> The Question is: why did this not happen?
Thanks for your analysis.
I'll try to investigate exactly when this happens. And if it turns
out to be something policy-related (rather than something that has
gone wrong locally) I'll file a bugzilla.
> Remove the file and see if xauth creates a new one and what the type
> of the newly created file is: ls -alZ /root | grep .xauth
Now it gets a context of xauth_home_t. (As usual, bugs hide when you
start looking for them!)
> What distro are you using?
Fedora 12. I recently upgraded the policy to
selinux-policy-3.6.32-63.fc12.
> BTW: It is not encouraged to login as root via ssh (-X)
:-) Between two trusted hosts on a trusted local, wired, network, I'm
not too worried. (I don't actually log in as root. I log in as
myself and do su or sudo. But I guess that part doesn't really make
much difference.)
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
There have been some fixes around the handling of xauth in the latest policies, so
this might have fixed your problems.