Displaying 3 results from an estimated 3 matches for "xauth_t".
Did you mean:
auth_t
2012 Jan 13
1
SELinux and rsh+xauth
...erge -
But when SELinux is in enforcing mode on Server, the commands fail with
this message :
bash: /usr/bin/xauth: Permission denied
and /var/log/audit/audit.log shows the following errors :
type=SELINUX_ERR msg=audit(1326381080.364:610): security_compute_sid: invalid context system_u:system_r:xauth_t:s0-s0:c0.c1023 for scontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xauth_exec_t:s0 tclass=process
type=AVC msg=audit(1326381080.364:610): avc: denied { write } for pid=3487 comm="xauth" path="pipe:[21744]" dev=pipefs ino=21744 scontext=syste...
2013 Nov 25
2
ltsp & Selinux
...-a -t bin_t /usr/bin/xauth
but it makes no difference.
The message I'm now seeing in /var/log/audit/audit.log :
type=AVC msg=audit(1385112688.399:67769): avc: denied { write } for
pid=8218 comm="xauth" name="caw" dev=md1 ino=262145
scontext=unconfined_u:unconfined_r:xauth_t:s0-s0:c0.c1023
tcontext=unconfined_u:object_r:home_root_t:s0 tclass=dir
type=SYSCALL msg=audit(1385112688.399:67769): arch=c000003e syscall=2
success=no exit=-13 a0=7fffdecf5c60 a1=c1 a2=180 a3=8 items=0 ppid=8217
pid=8218 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500
sgid=500 f...
2015 Jul 09
3
C-6.6 - sshd_config chroot SELinux issues
...chroot_user_t self:tcp_socket create;
allow chroot_user_t self:udp_socket create;
allow chroot_user_t user_devpts_t:chr_file open;
allow chroot_user_t user_home_t:chr_file { read write };
#!!!! This avc is allowed in the current policy
allow chroot_user_t xauth_exec_t:file getattr;
#============= xauth_t ==============
allow xauth_t chroot_user_t:process sigchld;
# getsebool -a | grep ssh
allow_ssh_keysign --> off
fenced_can_ssh --> off
ssh_chroot_full_access --> on
ssh_chroot_manage_apache_content --> off
ssh_chroot_rw_homedirs --> on
ssh_sysadm_login --> off
These are defini...