On Fri, 2005-12-16 at 18:11 -0800, Daniel B. Thurman wrote: > With the new SELinux updates, it appears that root, > other than normal users can login to Fedora via VNC > Server? My VNC Server is setup such that I am using > xinitd for VNC Server requests. > > Another problem I noticed is that when I log into my > Fedora system via VNC as root user, and open a xterm > window and run a su - <normal-user>, I get back a > SElinux message: > > ================================================ > # su - dan > Your default context is: user_u:system_r:kernel_t. > > Do you want to want to choose a different one? [n] > ================================================ > > It is *possible* that this problem came up when > I had to make a copy of my filesystem to another > hard-disk for the purpose of creating a /boot > partition (my bad) and copied/restored the filesystem > back over to the main drive. I don't think I made > any copy/restore mistakes as I know the fs permissions > are correct but I cannot speak for filesystem journaling > or whatever that keeps track of the SELinux attributes. > > In any case, what can I do to resolve my VNC and/or su > issue knowing that SElinux has something to do with it? /usr/sbin/sestatus -v | grep -v active shows what? -- Stephen Smalley National Security Agency
