Bug 119786 - Numerous programs fail to access xauth file in /tmp
Numerous programs fail to access xauth file in /tmp
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: policy (Show other bugs)
rawhide
All Linux
medium Severity high
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
: SELinux
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-04-02 01:38 EST by Aleksey Nogin
Modified: 2007-11-30 17:10 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-04-07 23:41:26 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Aleksey Nogin 2004-04-02 01:38:11 EST
xauth creates temporary files in the /tmp dir, but currently it is not
permitted to do so:

audit(1080888006.766:0): avc:  denied  { write } for  pid=2730
exe=/usr/X11R6/bin/xauth name=tmp dev=hda2 ino=212577
scontext=aleksey:staff_r:staff_xauth_t
tcontext=system_u:object_r:tmp_t tclass=dir
audit(1080888008.770:0): avc:  denied  { write } for  pid=2730
exe=/usr/X11R6/bin/xauth name=tmp dev=hda2 ino=212577
scontext=aleksey:staff_r:staff_xauth_t
tcontext=system_u:object_r:tmp_t tclass=dir
audit(1080888010.776:0): avc:  denied  { write } for  pid=2730
exe=/usr/X11R6/bin/xauth name=tmp dev=hda2 ino=212577
scontext=aleksey:staff_r:staff_xauth_t
tcontext=system_u:object_r:tmp_t tclass=dir
Comment 1 Aleksey Nogin 2004-04-02 02:15:27 EST
I, not I see more exactly what is happaning. As a part of work on bug
119204, the xauth data was forced to be relocated to /tmp instead of
using the $HOME/.Xauthority. The authority file ends up being marked
as xdm_tmp_t and this causes huge problems - xauth can not read it,
ssh can not read it, mozilla can not read it...
Comment 2 Daniel Walsh 2004-04-05 23:05:46 EDT
This should be fixed with the latest updates to gdm and policy.  xauth
is created in homedir and xsession-errors is in /tmp
Comment 3 Aleksey Nogin 2004-04-07 23:21:33 EDT
Confirming that this WFM with xinitrc-3.39-1 (I am using kdm) and
policy-sources-1.9.2-12

Note You need to log in before you can comment on or make changes to this bug.