SEtroubleshooting (./.xsession-errors) ??
William Case
billlinux at rogers.com
Thu Jun 19 21:24:48 UTC 2008
On Thu, 2008-06-19 at 17:15 -0400, Todd Zullinger wrote:
> William Case wrote:
> > ERROR message in SEtroubleshooting.
> >
> > SELinux is preventing the pam_timestamp_c from using potentially
> > mislabeled files (/root/.xsession-errors).
> >
> > [SELinux is in permissive mode, the operation would have been
> > denied but was permitted due to permissive mode.]SELinux has
> > denied pam_timestamp_c access to potentially mislabeled file(s)
> > (/root/.xsession-errors). This means that SELinux will not allow
> > pam_timestamp_c to use these files. It is common for users to
> > edit files in their home directory or tmp directories and then
> > move (mv) them to system directories. The problem is that the
> > files end up with the wrong file context which confined
> > applications are not allowed to access.
> >
> > My Fedora 9 was recently fresh installed which would have included a
> > new .xsession-errors. Contrary to the error message, I have not
> > changed, moved or besmirched root's .xsession-errors filein any way I
> > know of.
> >
> > I am willing to follow SELinux's suggestion "If you want pam_timestamp_c
> > to access this files, you need to relabel them using restorecon -v
> > '/root/.xsession-errors'. You might want to relabel the entire directory
> > using restorecon -R -v '/root'. " If I can confirm I am not dealing with
> > a bug.
> >
> > Is this a F9 bug?
>
> Am I correct in assuming that /root/.xsession-errors means you are
> logging into X as root? If so, forget about making any adjustments to
> SELinux, as it would be pointless. Logging in to X as root is not
> something you could hope to have SELinux protect you from anyway. You
> should either a) stop logging into X as root or b) disable or ignore
> SELinux. I strongly suggest the former. :)
>
As far as I remember, and I have had Fedora 9 only installed for five
days so not hard to remember, I have only used sudo and su - to preform
normal root procedures.
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
--
Regards Bill;
Fedora 9, Gnome 2.22.2
Evo.2.22.2, Emacs 22.2.1
More information about the fedora-list
mailing list