[Freeipa-users] IPA clashing with selinux on users home directories
Stephen Gallagher
sgallagh at redhat.com
Thu Mar 8 20:43:43 UTC 2012
On Thu, 2012-03-08 at 20:14 +0000, Steven Jones wrote:
> Hi,
>
> I am setting up some IPA users what I have noticed is if I or they type
> startx to start a gui locking the .Xauthority fails, if I setenforce 0
> then it works fine.....I have never seen this behaviour before and
> googling suggests its an IPA and selinux conflict.
>
> and in fact when I create a local user they get an instant gui from
> running startx...
>
I'm guessing you're creating your home directories with the help of
pam_mkhomedir.so. This won't work with SELinux. You need to install and
use pam_oddjob_mkhomedir.so instead, which will properly set up SELinux
contexts for your users.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120308/a3fc410c/attachment.sig>
More information about the Freeipa-users
mailing list