On 12/30/2009 11:14 AM, Göran Uddeborg wrote: > Dominick Grift: >> Well for starters the file is mislabeled: > >> The Question is: why did this not happen? > > Thanks for your analysis. > > I'll try to investigate exactly when this happens. And if it turns > out to be something policy-related (rather than something that has > gone wrong locally) I'll file a bugzilla. > >> Remove the file and see if xauth creates a new one and what the type >> of the newly created file is: ls -alZ /root | grep .xauth > > Now it gets a context of xauth_home_t. (As usual, bugs hide when you > start looking for them!) > >> What distro are you using? > > Fedora 12. I recently upgraded the policy to > selinux-policy-3.6.32-63.fc12. > >> BTW: It is not encouraged to login as root via ssh (-X) > > :-) Between two trusted hosts on a trusted local, wired, network, I'm > not too worried. (I don't actually log in as root. I log in as > myself and do su or sudo. But I guess that part doesn't really make > much difference.) > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list > > There have been some fixes around the handling of xauth in the latest policies, so this might have fixed your problems. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
