X2Go Bug report logs - #438
x2goserver and rhel6.4 / selinux Problem

version graph

Package: x2goserver; Maintainer for x2goserver is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goserver is src:x2goserver.

Reported by: Frank Knoben <admin@igpm.rwth-aachen.de>

Date: Thu, 27 Feb 2014 09:10:02 UTC

Severity: normal

Tags: moreinfo, not-a-bug

Found in version 4.0.1.13

Done: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

Bug is archived. No further changes may be made.

Full log


🔗 View this message in rfc822 format

X-Loop: owner@bugs.x2go.org
Subject: Bug#438: x2goserver and rhel6.4 / selinux Problem
Reply-To: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>, 438@bugs.x2go.org
Resent-From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
Resent-To: x2go-dev@lists.berlios.de
Resent-CC: X2Go Developers <x2go-dev@lists.berlios.de>
X-Loop: owner@bugs.x2go.org
Resent-Date: Fri, 28 Feb 2014 12:25:02 +0000
Resent-Message-ID: <handler.438.B438.139359005221042@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: followup 438
X-X2Go-PR-Package: x2goserver
X-X2Go-PR-Keywords: moreinfo
Received: via spool by 438-submit@bugs.x2go.org id=B438.139359005221042
          (code B ref 438); Fri, 28 Feb 2014 12:25:02 +0000
Received: (at 438) by bugs.x2go.org; 28 Feb 2014 12:20:52 +0000
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED
	autolearn=ham version=3.3.2
Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199])
	by ymir (Postfix) with ESMTPS id 2479D5DB16
	for <438@bugs.x2go.org>; Fri, 28 Feb 2014 13:20:52 +0100 (CET)
Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98])
	by freya.das-netzwerkteam.de (Postfix) with ESMTPS id DCF381EC5F;
	Fri, 28 Feb 2014 13:20:51 +0100 (CET)
Received: from localhost (localhost [127.0.0.1])
	by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id CFA4F3BD70;
	Fri, 28 Feb 2014 13:20:51 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de
Received: from grimnir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id sf4suoCPfmJQ; Fri, 28 Feb 2014 13:20:51 +0100 (CET)
Received: from grimnir.das-netzwerkteam.de (localhost [127.0.0.1])
	by grimnir.das-netzwerkteam.de (Postfix) with ESMTPSA id 961093B93D;
	Fri, 28 Feb 2014 13:20:51 +0100 (CET)
Received: from m-047.informatik.uni-kiel.de (m-047.informatik.uni-kiel.de
 [134.245.254.47]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP;
 Fri, 28 Feb 2014 12:20:51 +0000
Date: Fri, 28 Feb 2014 12:20:51 +0000
Message-ID: <20140228122051.Horde.GZ8FBPgZh6U4xr_vcWozeg4@mail.das-netzwerkteam.de>
From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: Frank Knoben <admin@igpm.rwth-aachen.de>
Cc: 438@bugs.x2go.org
References: <20140227153048.Horde.6X5oZyCn2oTDQtFl7KQMCQ1@mail.das-netzwerkteam.de>
 <53104757.1030306@igpm.rwth-aachen.de>
 <20140228092446.Horde.K_uiZqFdCvK-Jq-K84gzwg6@mail.das-netzwerkteam.de>
 <53106F2B.4000507@igpm.rwth-aachen.de>
 <20140228120038.Horde.dl33bCBmwwHgj0u6OwNIwA1@mail.das-netzwerkteam.de>
 <53107DED.6080206@igpm.rwth-aachen.de>
In-Reply-To: <53107DED.6080206@igpm.rwth-aachen.de>
User-Agent: Internet Messaging Program (IMP) H5 (6.1.4)
Accept-Language: en,de
Organization: DAS-NETZWERKTEAM
X-Originating-IP: 134.245.254.47
X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:26.0) Gecko/20100101
 Firefox/26.0 Iceweasel/26.0
Content-Type: multipart/signed; boundary="=_a4WIwoZfp4UPt8IIvx6euA1";
 protocol="application/pgp-signature"; micalg=pgp-sha1
MIME-Version: 1.0
[Message part 1 (text/plain, inline)]
Hi Frank,

On  Fr 28 Feb 2014 13:15:41 CET, Frank Knoben wrote:

> Hi Mike,
>
> what about the following solution / proposal for the x2goruncommand script:
>
>
> ....
> # run logout scripts
>
> FIX_XAUTH=`ls -Z $HOME/.Xauthority | egrep default_t`
> if test -n $FIX_AUTH
> then
>   /usr/bin/chcon unconfined_u:object_r:xauth_home_t:s0 $HOME/.Xauthority
> fi
>
>
> test -r /etc/x2go/x2go_logout && . /etc/x2go/x2go_logout
>
> ...
>
> this fixes the selinux file permission in case, it it set to  
> system_u:object_r:default_t:s0
> It works on my system.
>
> sincerly
>
> Frank

The position where you propose adding the fix does not seem right to  
me. As the file permissions will stay "wrong" for the duration of the  
session and will only be corrected after the session has ended.

Do I understand it correctly, that the file permissions need adaptions  
directly after session startup (i.e. after launching the session  
(destop) command)?

Greets,
Mike


-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
[Message part 2 (application/pgp-signature, inline)]

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Sun Aug 18 15:10:14 2019; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.