Hi Mike,
what about the following solution / proposal for the x2goruncommand script:
....
# run logout scripts
FIX_XAUTH=`ls -Z $HOME/.Xauthority | egrep default_t`
if test -n $FIX_AUTH
then
/usr/bin/chcon unconfined_u:object_r:xauth_home_t:s0 $HOME/.Xauthority
fi
test -r /etc/x2go/x2go_logout && . /etc/x2go/x2go_logout
...
this fixes the selinux file permission in case, it it set to
system_u:object_r:default_t:s0
It works on my system.
sincerly
Frank
On 02/28/2014 01:00 PM, Mike Gabriel wrote:
Hi Frank,
On Fr 28 Feb 2014 12:12:43 CET, Frank Knoben wrote:
Hi Mike,
thank you very much for the proposal, where I could fix the problem
for my system.
But I still have to think, how to make a permanent workaround in the
x2gostartagent script.
- if I use icewm windowmanager with selinux and x2goserver /
x2goclient everything is fine and the .Xauthority file has the right
permissions
- if I use the kde or gnome windowmanager the .Xauthority
permissions will be modified to the wrong permissions
- when the home directory is on a nfsserver with no selinux installed
and the x2goserver system uses selinux, there is no problem at all.
Trying to fix the selinux permissions will give the error message
'Operation not supported'
So I think, it is a problem of the kde and gnome windowmanager.
For the kde windowmanager, I put a chcon statement at the end of the
/usr/bin/startkde script.
I'm still looking for a workaround for the gnome windowmanager.
Sincerly
Frank
Thanks for this heavy debugging.
I will be fine with adding such magic into x2gostartagent (or
x2goruncommand). But we need to be as detailled and explicit on the
how and when.
Get back to me, once you have more insights.
Mike
_______________________________________________
X2Go-Dev mailing list
X2Go-Dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/x2go-dev
