Need help with SELinux and SGE/ssh

Daniel J Walsh dwalsh at redhat.com
Fri Aug 3 20:12:47 UTC 2007


Orion Poplawski wrote:
> Daniel J Walsh wrote:
>> What context is your sshd running under?
>> Normal sshd runs under
>>
>> system_u:system_r:sshd_t:SystemLow-SystemHigh
>>
>> I think you might be having a problem if you sshd is only running at 
>> s0 and trying to log people in at
>> SystemLow-SystemHigh.
>
> Well, in permissive mode it ends up like:
>
> root:system_r:unconfined_t:SystemLow-SystemHigh orion 7737 7732  0 
> 13:45 ? 00:00:00 sshd: orion at notty
>
> But this is after login.  I'm not sure there's a good way to tell what 
> it is before the login completes though - unless the error messages 
> indicate that it is running in s0.
>
> How can I make sure that it is running at SystemLow-SystemHigh to 
> start with?  Get the SGE daemons running in that mode so that children 
> inherit that?
>
Or setup a transition from the SGE Daemons to sshd_t:s0-SystemHigh




More information about the fedora-selinux-list mailing list