Gnome Remote Login on SELinux enabled systems


Gnome Remote Login (RDP) is not working on systems with SELinux set to enforce. This does affect Fedora 40 that ships Gnome 46. Executing this code installs new SELinux rules that permit the necessary access. These rules might not be optimal and provide too much access.

tee /tmp/grd.te << EOF > /dev/null
module grd 1.0;
require {
    type system_dbusd_t;
    type unconfined_service_t;
    type xdm_t;
    class tcp_socket { getattr getopt read setopt shutdown write };
allow system_dbusd_t unconfined_service_t:tcp_socket { read write };
allow xdm_t unconfined_service_t:tcp_socket { getattr getopt read setopt shutdown write };
checkmodule -M -m -o /tmp/grd.mod /tmp/grd.te
semodule_package -o /tmp/grd.pp -m /tmp/grd.mod
sudo semodule -i /tmp/grd.pp

More details in this forum post.