Need help with SELinux and SGE/ssh
Orion Poplawski
orion at cora.nwra.com
Wed Aug 1 20:55:58 UTC 2007
I'm running Sun Grid Engine on a CentOS 5 cluster and am having trouble
with SELinux preventing the proper setup of parallel environments.
Turning SELinux off allows everything to work properly.
The problem seems to be when SGE tries to use ssh to login to a remote
machine. As part of this process, it starts up a private sshd daemon to
handle the connection. The relevant error appears to be:
type=USER_LOGIN msg=audit(1186001097.981:19489): user pid=12066 uid=0
auid=0 subj=root:system_r:unconfined_t:s0-s0:c0.c1023 msg='acct=steph:
exe="/usr/sbin/sshd" (hostname=?, addr=192.168.0.120, terminal=sshd
res=failed)'
type=USER_ROLE_CHANGE msg=audit(1186001098.201:19491): user pid=12066
uid=0 auid=0 subj=root:system_r:unconfined_t:s0-s0:c0.c1023 msg='sshd:
default-context=user_u:system_r:unconfined_t:s0
selected-context=user_u:system_r:unconfined_t:s0-s0:c0.c1023:
exe="/usr/sbin/sshd" (hostname=?, addr=?, terminal=? res=failed)'
sshd reports:
Aug 1 14:44:58 coop00 sshd[12066]: error: deny MLS level
SystemLow-SystemHigh (user range s0). Continuing in permissive mode
I'm at a loss here. Can anyone explain what is going on and what is
failing? How can I make it work without running in permissive mode?
Thanks!
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA/CoRA Division FAX: 303-415-9702
3380 Mitchell Lane orion at cora.nwra.com
Boulder, CO 80301 http://www.cora.nwra.com
More information about the fedora-selinux-list
mailing list