Problem with VNC and SELinux: FC4
Daniel J Walsh
dwalsh at redhat.com
Tue Dec 20 20:48:09 UTC 2005
Chad Hanson wrote:
>
>
>
>> Folks,
>>
>> With the new SELinux updates, it appears that root,
>> other than normal users can login to Fedora via VNC
>> Server? My VNC Server is setup such that I am using
>> xinitd for VNC Server requests.
>>
>>
>
> A problem I noticed on FC4 with updates is that running VNC from initscripts
> will cause user sessions to have a system_u:system_r:initrc_t context. If
> you start a VNC server as the user from a shell, you get get the expected
> behavior of unconfined_t session.
>
>
>> Another problem I noticed is that when I log into my
>> Fedora system via VNC as root user, and open a xterm
>> window and run a su - <normal-user>, I get back a
>> SElinux message:
>>
>> ================================================
>> # su - dan
>> Your default context is: user_u:system_r:kernel_t.
>>
>> Do you want to want to choose a different one? [n]
>> ================================================
>>
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
To get vncserver working properly on Rawhide, you can change the context
to unconfined_exec_t
chcon -t unconfined_exec_t /usr/bin/vncserver
--
More information about the fedora-list
mailing list