Bug 426614 - permissions for ~nx/.ssh=/var/lib/nxserver/.ssh
permissions for ~nx/.ssh=/var/lib/nxserver/.ssh
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
8
All Linux
low Severity low
: ---
: ---
Assigned To: Josef Kubin
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-12-22 19:08 EST by Need Real Name
Modified: 2008-03-05 17:17 EST (History)
0 users

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-03-05 17:17:09 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2007-12-22 19:08:47 EST
Description of problem:
/var/lib/nxsserver is the home directory for user 'nx' (created automatically by
the freenx rpm).

I am wondering whether /var/lib/nxerver/.ssh (which is a critical directory for
nx to work) should then have security context system_u:object_r:user_home_ssh_t
(or whatever the new unconfined version is). The current selinux context is
system_u:object_r:var_lib_t
Comment 1 Need Real Name 2008-01-15 14:17:20 EST
Any insight into whether this should be corrected?
Comment 2 Josef Kubin 2008-01-15 14:36:23 EST
I know that it is really annoying to you constantly report bugs for nxserver.
But I didn't have sufficient permissions to commit my patch for update. Feel
free to use my packages which fixes your particular problem.
http://people.redhat.com/jkubin/selinux/F8/
Update will be publicly available as selinux-policy-3.0.8-77 .

Thank you for understanding.
Comment 3 Need Real Name 2008-01-15 14:58:45 EST
Any insight into whether this should be corrected?
Comment 4 Need Real Name 2008-01-15 15:01:53 EST
Josef don't worry I'm NOT at all annoyed -- I truly appreciate all the work you
and the entire Redhat team does. I was merely asking because it seemed like you
had fixed it but it was not appearing in either updates or testing -- so I
wanted to make sure that this was not an inadvertent oversight or that I was
doing something wrong.

So again, THANKS SO MUCH for the responsiveness and I am perfectly happy despite
the occasional frustration we all experience while living on the cutting edge :)
Comment 5 Daniel Walsh 2008-03-05 17:17:09 EST
Bugs have been in modified for over one month.  Closing as fixed in current
release please reopen if the problem still persists.

Note You need to log in before you can comment on or make changes to this bug.