Chad Hanson wrote:
Folks,
With the new SELinux updates, it appears that root,
other than normal users can login to Fedora via VNC
Server? My VNC Server is setup such that I am using
xinitd for VNC Server requests.
A problem I noticed on FC4 with updates is that running VNC from initscripts
will cause user sessions to have a system_u:system_r:initrc_t context. If
you start a VNC server as the user from a shell, you get get the expected
behavior of unconfined_t session.
Another problem I noticed is that when I log into my
Fedora system via VNC as root user, and open a xterm
window and run a su - <normal-user>, I get back a
SElinux message:
================================================
# su - dan
Your default context is: user_u:system_r:kernel_t.
Do you want to want to choose a different one? [n]
================================================
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
To get vncserver working properly on Rawhide, you can change the context
to unconfined_exec_t
chcon -t unconfined_exec_t /usr/bin/vncserver
--
