problems with today's rawhide
Russell Coker
russell at coker.com.au
Mon Jan 26 14:18:55 UTC 2004
On Tue, 27 Jan 2004 01:03, Alexandre Oliva <aoliva at redhat.com> wrote:
> > It's strange about su, the policy permits it. What AVC message do you
> > get?
>
> root# su - aoliva
>
> avc: denied { sendto } for pid=3816 exe=/bin/su path=/dev/log
> scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t
> tclass=unix_dgram_socket
Looks like you have labelling issues. It appears that syslogd is running as
kernel_t. You obviously booted in permissive mode as the machine would have
stopped long before you got that far otherwise. How exactly did you go about
installing it? I guess I need another machine to test these things.
Also /bin/su is mis-labeled. It should be su_exec_t which would cause it to
run as root:sysadm_r:sysadm_su_t.
> Sorry about that. Anyhow, the logs look like:
>
> Accepted publickey for aoliva from ::ffff:... port ... ssh2
> fatal: Failed to get default security context for aoliva.
>
> and I can't ssh in as any user other than root.
I guess that sshd is running in the wrong context.
What does "ps --context | grep sshd" give? It should be
system_u:system_r:sshd_t, but I guess it's system_u:system_r:kernel_t.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-devel-list
mailing list