Re: SELinux help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/02/2010 08:16 PM, Chris Smart wrote:
> HI all,
> 
> I know there's been a lot of discussion about SELinux lately, but I
> like it and I use it (although I'm a recent Fedora convert). However,
> just today I have hit a snag and I don't know to get around it - I'm
> after some advice on how to work around it (without turning SELinux
> off!).
> 
> I have a Fedora 13 OpenLDAP server for central authentication and
> Fedora boxes which are configured to authenticate to the LDAP server
> (done using Fedora's authconfig-gtk tool). In the tool under "Advanced
> Options" I have ticked the "Create home directories on the first
> login" for obvious reasons.
> 
> The problem is that when the user logs in, SELinux is blocking it
> because it does not expect xauth to have write access to create the
> home directory.
> 
> "SELinux is preventing /usr/bin/xauth "write" access on [user]"
> 
> How do I go about solving this? In fact, what is the _right_ way to solve this?
> 
> Thanks,
> Chris
I am not sure what system-config-authorization is doing, is it setting
up pam_oddjob_mkhomedir or pam_mkhomedir.  It would be better if it used
pam_oddjob_mkhomedir.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkyA9OAACgkQrlYvE4MpobML8gCgxbUgVoMgqcCu+egi0NCBB6oD
sywAn04F+tnj6bT5fdODAsiAUMKeW27U
=HXfl
-----END PGP SIGNATURE-----
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux