-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/09/2010 04:52 AM, Göran Uddeborg wrote: > Daniel J Walsh: >> If you login to the client, the .xsession-errors will show up as nfs_t >> on the client, but on the server, the file will get created as >> user_home_t, I believe. Since there is a rule that says files created >> by kernel_t in user_home_dir_t get created as user_home_t. When you >> login to the nfs server directly you get an error saying xdm is not >> allowed to write user_home_t. > > That is probably what happens. At least for us. We are also seeing > this problem, and what you describe above matches very well what we > see. > >> I really do not have a solution other >> then running restorecond on the server to watch this file. > > That would mean adding "/home/*/.xsession-errors" to > /etc/selinux/restorecond.conf, right? Is there some comment syntax > for this file? (So I can add a note why I did this?) > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux Then again it might not because restorecond watches for users logging in to figure out which files to watch. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0CWWEACgkQrlYvE4MpobOnNACfSoZ7qpkLe/DcywTJEgjNK/so bmgAoMA1XnDLVegtxstaAuFkbt23Csse =UWJZ -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
