Created attachment 359158 [details] Denial details for xdm_t access to /root, and chcon to xdm_t Description of problem: SELinux denials when logging in under xdm/gnome. Access to /root/.Xauthority file is denied for context xdm_t on context admin_home_t. Attempt to change the context of the file to xdm_t is denied. Version-Release number of selected component (if applicable): Linux 2.6.29.6-217.2.16.fc11.i586 kdebase-4.3.0-1.fc11.i586 kdebase-libs-4.3.0-1.fc11.i586 kdm-4.3.0-9.fc11.i586 libselinux-2.0.80-1.fc11.i586 selinux-policy-3.6.12-80.fc11 How reproducible: Attempt as "root" to 'chcon -t xdm_t /root/.Xauthority-c'. Steps to Reproduce: 1. Install kde-base. 2. Configure 'kdm' as the logon greeter. 3. Logon as "root". Denial: SELinux is preventing the kdm from using potentially mislabeled files (/root/.Xauthority-c). 4. Attempt to 'chcon -t xdm_t /root/.Xauthority-c'. Denial: SELinux is preventing chcon (unconfined_t) "relabelto" xdm_t. Actual results: chcon: failed to change context of `/root/.Xauthority-c' to `unconfined_u:object_r:xdm_t:s0': Permission denied Expected results: Successful alteration to xdm_t and elmination of file access denials. Additional info:
Use restorecon to reset the label. xdm_t is a process type and is not allowed to be set on a file. restorecon /root/.Xauthority-c should set the context to xauth_home_t