On Thu, 22 Oct 2009 08:28:04 -0400 Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > On 10/22/2009 02:16 AM, Jeroen van Meeuwen wrote: > > On 10/22/2009 02:04 AM, Tim Fenn wrote: > >> I upgraded a machine from F10 to F12 beta - its a client machine > >> that mounts /home over NFS and authenticates over LDAP (however, > >> its a mac server that sets /home as /Volumes/Homes, which I have > >> set up as a pointer to /home). use_nfs_home_dirs is on and I can > >> log in via SSH or the console, but the graphical login fails when > >> clicking "log in" with the following selinux error: > >> > >> SELinux is preventing /usr/libexec/ck-get-x11-server-pid "read" > >> access on Homes. > >> > >> I've attached the full sealart, am I missing something > >> obvious/simple? > >> > > > > FWIW, I had something similar with gdm-greeter, I think. I also had > > a different problem[1] with gdm so I didn't give it much attention > > at the time. > > > > -- Jeroen > > > > [1] https://bugzilla.redhat.com/show_bug.cgi?id=530041 > > > > -- > > fedora-selinux-list mailing list > > fedora-selinux-list@xxxxxxxxxx > > https://www.redhat.com/mailman/listinfo/fedora-selinux-list > > > > > I need to see the AVC in /var/log/audit/audit.log to make sure I know > the reason. > > Make sure the use_nfs_home_dirs boolean is turned on. > Yes, it is. Upon further investigation, it appears gdm is just crashing - I'll look into related bug reports. The selinux alert may be for something else, I'll post the audit.log next time I catch it. -Tim -- CAPS LOCK IS THE CRUISE CONTROL OF AWESOMNESS -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
