problems with today's rawhide

Russell Coker russell at coker.com.au
Mon Jan 26 14:18:55 UTC 2004


On Tue, 27 Jan 2004 01:03, Alexandre Oliva <aoliva at redhat.com> wrote:
> > It's strange about su, the policy permits it.  What AVC message do you
> > get?
>
> root# su - aoliva
>
> avc: denied  { sendto } for  pid=3816 exe=/bin/su path=/dev/log
> scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t
> tclass=unix_dgram_socket

Looks like you have labelling issues.  It appears that syslogd is running as 
kernel_t.  You obviously booted in permissive mode as the machine would have 
stopped long before you got that far otherwise.  How exactly did you go about 
installing it?  I guess I need another machine to test these things.

Also /bin/su is mis-labeled.  It should be su_exec_t which would cause it to 
run as root:sysadm_r:sysadm_su_t.

> Sorry about that.  Anyhow, the logs look like:
>
> Accepted publickey for aoliva from ::ffff:... port ... ssh2
> fatal: Failed to get default security context for aoliva.
>
> and I can't ssh in as any user other than root.

I guess that sshd is running in the wrong context.

What does "ps --context | grep sshd" give?  It should be 
system_u:system_r:sshd_t, but I guess it's system_u:system_r:kernel_t.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page





More information about the fedora-devel-list mailing list