Re: Problem with VNC and SELinux: FC4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Chad Hanson wrote:
Folks,

With the new SELinux updates, it appears that root,
other than normal users can login to Fedora via VNC
Server?  My VNC Server is setup such that I am using
xinitd for VNC Server requests.


A problem I noticed on FC4 with updates is that running VNC from initscripts
will cause user sessions to have a system_u:system_r:initrc_t context.  If
you start a VNC server as the user from a shell, you get get the expected
behavior of unconfined_t session.

Another problem I noticed is that when I log into my
Fedora system via VNC as root user, and open a xterm
window and run a su - <normal-user>, I get back a
SElinux message:

================================================
# su - dan
Your default context is: user_u:system_r:kernel_t.

Do you want to want to choose a different one? [n]
================================================

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
To get vncserver working properly on Rawhide, you can change the context to unconfined_exec_t

chcon -t unconfined_exec_t /usr/bin/vncserver



--



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux