[redhat-lspp] "su" broken on current MLS Rawhide

Klaus Weidner klaus at atsec.com
Tue Feb 14 21:34:54 UTC 2006 

Hello,

I've been getting really strange effects on the current Rawhide system
running the MLS policy plus Steve Grubb's LSPP kernel (no
polyinstantiation support installed yet).

	kernel-2.6.15-1.1826.2.10.2.3_FC5.lspp.7
	selinux-policy-mls-2.2.14-2

How to reproduce: in enforcing mode, log in as non-root user, then run
"/bin/su -" and authenticate. (This behaves identically in an SSH session
and on the console).

The "su" starts a root shell, but apparently this shell disassociates
itself from the parent process, and the original shell and the root shell
start fighting for the tty input. Note the intermixed prompts (I was just
hitting RETURN a couple of times), the inconsistent "id" output", and the
PPID=1 in the "ps alx" listing for the root shell.

kw at rawhide's password: 
Last login: Fri Jan 13 11:22:22 2006 from 172.16.204.1
-bash: /home/kw/.bash_profile: Permission denied
-bash-3.1$ /bin/su -
Password: 
/bin/su: warning: cannot change directory to /root: Permission denied
/bin/su: warning: cannot change directory to /root: Permission denied
-bash-3.1$ -bash: /root/.bash_profile: Permission denied
-bash-3.1# 
-bash-3.1$ -bash-3.1# -bash-3.1# 
-bash-3.1$ -bash-3.1# -bash-3.1# -bash-3.1# -bash-3.1# -bash-3.1# -bash-3.1# -bash-3.1# -bash-3.1# -bash-3.1# -bash-3.1# -bash: ii: command not found
-bash-3.1# i
uid=500(kw) gid=500(kw) groups=500(kw) context=user_u:user_r:user_t:SystemLow
-bash-3.1$ uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) context=user_u:user_r:user_t:SystemLow
-bash-3.1# i
uid=500(kw) gid=500(kw) groups=500(kw) context=user_u:user_r:user_t:SystemLow
-bash-3.1$ uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) context=user_u:user_r:user_t:SystemLow
-bash-3.1# 

F   UID   PID  PPID PRI  NI    VSZ   RSS WCHAN  STAT TTY        TIME COMMAND
4   500  1780  1533  15   0   4404  1448 -      Ss   tty2       0:00 -bash
4     0  1804     1  15   0   4404  1440 -      S+   tty2       0:00 -bash
0     0  1837  1751  16   0   3872   688 -      R+   pts/0      0:00 grep tty2

FYI, I'm also still getting the "idr_remove called for id=1 which is not
allocated" messages using this updated policy.

-Klaus

More information about the redhat-lspp mailing list