Issues logging into to more than one system
Daniel J Walsh
dwalsh at redhat.com
Fri Dec 10 16:45:34 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/09/2010 04:52 AM, Göran Uddeborg wrote:
> Daniel J Walsh:
>> If you login to the client, the .xsession-errors will show up as nfs_t
>> on the client, but on the server, the file will get created as
>> user_home_t, I believe. Since there is a rule that says files created
>> by kernel_t in user_home_dir_t get created as user_home_t. When you
>> login to the nfs server directly you get an error saying xdm is not
>> allowed to write user_home_t.
>
> That is probably what happens. At least for us. We are also seeing
> this problem, and what you describe above matches very well what we
> see.
>
>> I really do not have a solution other
>> then running restorecond on the server to watch this file.
>
> That would mean adding "/home/*/.xsession-errors" to
> /etc/selinux/restorecond.conf, right? Is there some comment syntax
> for this file? (So I can add a note why I did this?)
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
~/.xsessions-errors
Should work, although I have a bug report on this not working. Could you
see if it works for you.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk0CWS4ACgkQrlYvE4MpobMYfgCfRc5A5wWxZUo1lxcciZQLNx2K
9ocAoJIByL98M8y/4bwKVI6G+OMvMcDu
=heqV
-----END PGP SIGNATURE-----
More information about the selinux
mailing list