search for: xauth_t

...erge - But when SELinux is in enforcing mode on Server, the commands fail with this message : bash: /usr/bin/xauth: Permission denied and /var/log/audit/audit.log shows the following errors : type=SELINUX_ERR msg=audit(1326381080.364:610): security_compute_sid: invalid context system_u:system_r:xauth_t:s0-s0:c0.c1023 for scontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xauth_exec_t:s0 tclass=process type=AVC msg=audit(1326381080.364:610): avc: denied { write } for pid=3487 comm="xauth" path="pipe:[21744]" dev=pipefs ino=21744 scontext=syste...

...-a -t bin_t /usr/bin/xauth but it makes no difference. The message I'm now seeing in /var/log/audit/audit.log : type=AVC msg=audit(1385112688.399:67769): avc: denied { write } for pid=8218 comm="xauth" name="caw" dev=md1 ino=262145 scontext=unconfined_u:unconfined_r:xauth_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1385112688.399:67769): arch=c000003e syscall=2 success=no exit=-13 a0=7fffdecf5c60 a1=c1 a2=180 a3=8 items=0 ppid=8217 pid=8218 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 f...

...chroot_user_t self:tcp_socket create; allow chroot_user_t self:udp_socket create; allow chroot_user_t user_devpts_t:chr_file open; allow chroot_user_t user_home_t:chr_file { read write }; #!!!! This avc is allowed in the current policy allow chroot_user_t xauth_exec_t:file getattr; #============= xauth_t ============== allow xauth_t chroot_user_t:process sigchld; # getsebool -a | grep ssh allow_ssh_keysign --> off fenced_can_ssh --> off ssh_chroot_full_access --> on ssh_chroot_manage_apache_content --> off ssh_chroot_rw_homedirs --> on ssh_sysadm_login --> off These are defini...