Hello Mike, the problem is, that I'm not an expert on selinux too. But I did some more tests. Interactive Session - first login, the ~/.Xauthority file is created and stays after logout with the permissions *system_u:object_r:default_t:s0* I am still able to login in interactively again. But with this permissions, I got the Cookie mismatch problem, when using the x2goclient. And when I login with ssh to the computer, I got a xauth error message: /usr/bin/xauth: ~/.Xauthority not writable, changes will be ignored Now I remove all .Xauthority* files. Then a login with ssh will create the ~/.Xauthority file with the *system_u:object_r:xauth_home_t:s0* permissions and the files stays with these permissions after logout. Now when I use the x2goclient, the file permissions change during the login process from *system_u:object_r:xauth_home_t:s0* to *system_u:object_r:default_t:s0 *and stay that way after logout. The same, as it is with interactive sessions. So I guess, everything is fine with the x2goserver software and this is not a bug. My problem is, that ssh is not able to overwrite the .Xauthority file, when it has the default permissions of *system_u:object_r:default_t:s0* . Therefore the x2goclient is not able to start a successful session and gets the Cookie mismatch error. So I think, you can close this bugreport. Thank you very much for your quick response and please excuse my mistake in thinking that this was a x2goserver bug. Sincerly Frank Frank Knoben Institut fuer Geometrie und Praktische Mathematik RWTH Aachen Aachen, Germany On 02/27/2014 04:30 PM, Mike Gabriel wrote: > Control: tag -1 moreinfo > > Hi Frank, > >> --------------------------- >> >> ls -Z .Xauthority >> -rw-------. frank users unconfined_u:object_r:default_t:s0 .Xauthority >> >> -------------------------- >> >> Then I do a logout. Now, when I try to connect again to the x2go >> server system, I get >> the following error message on the client side and no session is >> started. >> >> ----------------------------- >> ..... >> >> "Warning: Cookie mismatch in the X authentication data. >> " >> >> "Session: Terminating session at 'Thu Feb 27 09:40:05 2014'. >> Info: Your session was closed before reaching a usable state. >> Info: This can be due to the local X server refusing access to the >> client. >> Info: Please check authorization provided by the remote X application. >> Session: Session terminated at 'Thu Feb 27 09:40:05 2014'. >> " >> >> deleting proxy >> >> nxproxy not running >> >> proxy deleted >> >> ----------------------------------- >> >> But when I change the selinux permissions to >> >> ------ >> >> ls -Z .Xauthority >> >> -rw-------. frank users unconfined_u:object_r:xauth_home_t:s0 >> .Xauthority > > What are the SELinux permissions after you have logged out? > > Do you need that chcon command call when resuming sessions or when > starting sessions. > > Excuse my SELinux innocence at this point. I would like to add support > for SELinux, but I need to understand better why we have to tweak the > security context of .Xauthority for X2Go. > > Thanks+Greets, > Mike > > >