• 1

Re: /home/xguest not cleaned up

I think you have stumbled upon a bug, that we have been fixing in pam_selinux_permit.

Not all processes are guaranteed to be killed on logout. So if a stray process (bonobo?) is still running, it will prevent pam_namespace from unmounting the homedir, and thus cleaning up the temporary file system. When you log in a second time. A new temporary file system is getting mounted over the old homedir so you see the files dissapear.

The new pam_selinux_permit will allow us to set an exclusive flag.

# /etc/security/sepermit.conf
#
# Each line contains either:
# - an user name
# - a group name, with @group syntax
# - a SELinux user name, with %seuser syntax
# Each line can contain optional arguments separated by :
# The possible arguments are:
# - exclusive - only single login session will
# be allowed for the user and the user's processes
# will be killed on logout
xguest:exclusive


This flag will prevent a user from logging in without a password if a process is running with this UID. AND it will try to kill all processes running with the UID when you log out, which would allow the homedir to be unmounted.

I hope to get this back ported to Fedora 8 and I will update the xguest package to take advantage.

Re: /home/xguest not cleaned up

Hi
at the beginning Sorry for my english:-((
I've problem:
I need to Creat a Kiosk on Fedora 8 but I want open only windows aplication from wine tool on start.
it is possible??
If Yes -Please explain me step by step how I can do this.
I will add I am beginner user of Linux;-(

Please HELP

Re: /home/xguest not cleaned up

Please take questions like these to the Fedora-SELinux email list.

Re: /home/xguest not cleaned up

Thanks danwalsh:)

  • 1
?

Log in