-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/02/2010 08:16 PM, Chris Smart wrote: > HI all, > > I know there's been a lot of discussion about SELinux lately, but I > like it and I use it (although I'm a recent Fedora convert). However, > just today I have hit a snag and I don't know to get around it - I'm > after some advice on how to work around it (without turning SELinux > off!). > > I have a Fedora 13 OpenLDAP server for central authentication and > Fedora boxes which are configured to authenticate to the LDAP server > (done using Fedora's authconfig-gtk tool). In the tool under "Advanced > Options" I have ticked the "Create home directories on the first > login" for obvious reasons. > > The problem is that when the user logs in, SELinux is blocking it > because it does not expect xauth to have write access to create the > home directory. > > "SELinux is preventing /usr/bin/xauth "write" access on [user]" > > How do I go about solving this? In fact, what is the _right_ way to solve this? > > Thanks, > Chris I am not sure what system-config-authorization is doing, is it setting up pam_oddjob_mkhomedir or pam_mkhomedir. It would be better if it used pam_oddjob_mkhomedir. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkyA9OAACgkQrlYvE4MpobML8gCgxbUgVoMgqcCu+egi0NCBB6oD sywAn04F+tnj6bT5fdODAsiAUMKeW27U =HXfl -----END PGP SIGNATURE----- -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
