On Thu, 22 Oct 2009 08:28:04 -0400 Daniel J Walsh <dwalsh(a)redhat.com>
wrote:
On 10/22/2009 02:16 AM, Jeroen van Meeuwen wrote:
> On 10/22/2009 02:04 AM, Tim Fenn wrote:
>> I upgraded a machine from F10 to F12 beta - its a client machine
>> that mounts /home over NFS and authenticates over LDAP (however,
>> its a mac server that sets /home as /Volumes/Homes, which I have
>> set up as a pointer to /home). use_nfs_home_dirs is on and I can
>> log in via SSH or the console, but the graphical login fails when
>> clicking "log in" with the following selinux error:
>>
>> SELinux is preventing /usr/libexec/ck-get-x11-server-pid "read"
>> access on Homes.
>>
>> I've attached the full sealart, am I missing something
>> obvious/simple?
>>
>
> FWIW, I had something similar with gdm-greeter, I think. I also had
> a different problem[1] with gdm so I didn't give it much attention
> at the time.
>
> -- Jeroen
>
> [1]
https://bugzilla.redhat.com/show_bug.cgi?id=530041
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
I need to see the AVC in /var/log/audit/audit.log to make sure I know
the reason.
Make sure the use_nfs_home_dirs boolean is turned on.
Yes, it is. Upon further investigation, it appears gdm is just
crashing - I'll look into related bug reports. The selinux alert may
be for something else, I'll post the audit.log next time I catch it.
-Tim
--
CAPS LOCK IS THE CRUISE CONTROL OF AWESOMNESS