Wednesday, August 13, 2008

SELinux too strong for me

About a couple of months I bought a new computer (a laptop) and until now couldn't setup like my desktop and haven't figured out why (until today).

There were 2 annoying aspects that kept me on my nerves: I couldn't set my Gnome to a different language from the system language (I like to have the system in English a for me in German). The second point that kept me pissed off was a strange SSH error "could not chdir /home/...".

For the language it is pretty straight forward:

cat > $HOME/.dmrc << __END__

But somehow didn't work.

My other problem, SSH login was somehow cryptic for me (how could it be?!?). But today it strikes me: SELinux (I tried a local login, in the terminal, and the same error came). Somehow SELinux prevents "login" from accessing the home directory.

Anyway, the solution, which some security freaks would recommend, was to change SELinux from "ENFORCING" to "PERMISSIVE" and reboot. To do the same:

1. Edit as root: /etc/sysconfig/selinux
2. Change the SELINUX variable to:
3. Reboot

That's it. Now everything works just fine.

No comments: