X2Go Bug report logs - #438
x2goserver and rhel6.4 / selinux Problem

version graph

Package: x2goserver; Maintainer for x2goserver is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goserver is src:x2goserver.

Reported by: Frank Knoben <admin@igpm.rwth-aachen.de>

Date: Thu, 27 Feb 2014 09:10:02 UTC

Severity: normal

Tags: moreinfo, not-a-bug

Found in version 4.0.1.13

Done: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

Bug is archived. No further changes may be made.

Full log


🔗 View this message in rfc822 format

X-Loop: owner@bugs.x2go.org
Subject: Bug#438: [X2Go-Dev] Bug#438: x2goserver and rhel6.4 / selinux Problem
Reply-To: Frank Knoben <admin@igpm.rwth-aachen.de>, 438@bugs.x2go.org
Resent-From: Frank Knoben <admin@igpm.rwth-aachen.de>
Original-Sender: frank@igpm.rwth-aachen.de
Resent-To: x2go-dev@lists.berlios.de
Resent-CC: X2Go Developers <x2go-dev@lists.berlios.de>
X-Loop: owner@bugs.x2go.org
Resent-Date: Tue, 04 Mar 2014 11:05:01 +0000
Resent-Message-ID: <handler.438.B438.139393096021138@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: followup 438
X-X2Go-PR-Package: x2goserver
X-X2Go-PR-Keywords: moreinfo
Received: via spool by 438-submit@bugs.x2go.org id=B438.139393096021138
          (code B ref 438); Tue, 04 Mar 2014 11:05:01 +0000
Received: (at 438) by bugs.x2go.org; 4 Mar 2014 11:02:40 +0000
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	version=3.3.2
Received: from mx-out-1.rwth-aachen.de (mx-out-1.rwth-aachen.de [134.130.5.186])
	by ymir (Postfix) with ESMTP id 6824A5DB13
	for <438@bugs.x2go.org>; Tue,  4 Mar 2014 12:02:39 +0100 (CET)
X-IronPort-AV: E=Sophos;i="4.97,584,1389740400"; 
   d="scan'208";a="261743979"
Received: from igpm.igpm.rwth-aachen.de ([134.130.161.1])
  by mx-1.rz.rwth-aachen.de with ESMTP; 04 Mar 2014 12:02:39 +0100
Received: from indy5.igpm.rwth-aachen.de ([134.130.161.44])
	by igpm.igpm.rwth-aachen.de with esmtp (Exim 4.72)
	(envelope-from <frank@igpm.rwth-aachen.de>)
	id 1WKn7P-0003uW-1E; Tue, 04 Mar 2014 12:02:39 +0100
Received: from france.igpm.rwth-aachen.de ([134.130.161.63])
	by indy5.igpm.rwth-aachen.de with esmtpsa (TLSv1:AES128-SHA:128)
	(Exim 4.72)
	(envelope-from <frank@indy5.igpm.rwth-aachen.de>)
	id 1WKn7O-0006K2-Jd; Tue, 04 Mar 2014 12:02:38 +0100
Message-ID: <5315B2CE.6000500@igpm.rwth-aachen.de>
Date: Tue, 04 Mar 2014 12:02:38 +0100
From: Frank Knoben <admin@igpm.rwth-aachen.de>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Orion Poplawski <orion@cora.nwra.com>, 438@bugs.x2go.org, 
 x2go-dev@lists.berlios.de, 
 Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
References: <20140227153048.Horde.6X5oZyCn2oTDQtFl7KQMCQ1@mail.das-netzwerkteam.de>	<53104757.1030306@igpm.rwth-aachen.de>	<20140228092446.Horde.K_uiZqFdCvK-Jq-K84gzwg6@mail.das-netzwerkteam.de>	<53106F2B.4000507@igpm.rwth-aachen.de>	<20140228120038.Horde.dl33bCBmwwHgj0u6OwNIwA1@mail.das-netzwerkteam.de> <53107DED.6080206@igpm.rwth-aachen.de> <53111696.8050600@cora.nwra.com>
In-Reply-To: <53111696.8050600@cora.nwra.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Sender: frank@igpm.rwth-aachen.de
When I put the lines in the x2gostartagent script

after the

XAUTHORITY=${XAUTHORITY:-"$HOME/.Xauthority"}

line, the permissions will be fixed on login and not on logout.
Unfortunately, restorcon sets the permissions to 
system_u:object_r:default_t:s0
and this does not work on my system.
Instead of fixing the selinux .Xauthority permissions, the file could 
also be deleted on login,
if it existed. Something like:


if test -f $HOME/.Xauthority
then
  rm $HOME/.Xauthority
fi

But it could also be, that my selinux system is misconfigured in some 
strange way,
so that other people, who run the system, don't have this problem.


Frank


On 03/01/2014 12:07 AM, Orion Poplawski wrote:
> On 02/28/2014 05:15 AM, Frank Knoben wrote:
>> Hi Mike,
>>
>> what about the following solution / proposal for the x2goruncommand 
>> script:
>>
>>
>> ....
>> # run logout scripts
>>
>> FIX_XAUTH=`ls -Z $HOME/.Xauthority | egrep default_t`
>> if test -n $FIX_AUTH
>> then
>>    /usr/bin/chcon unconfined_u:object_r:xauth_home_t:s0 
>> $HOME/.Xauthority
>> fi
>>
>
> I would suggest using restorecon to set the label.
>
>

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Sun Dec 8 02:16:07 2019; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.