Bug 170557
Summary: | selinux policy blocks rexec access | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Gilles Detillieux <grdetil> |
Component: | selinux-policy-targeted | Assignee: | Russell Coker <rcoker> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | 1.27.1-2.7 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-03-22 03:22:37 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Gilles Detillieux
2005-10-12 21:25:13 UTC
I added rshd_exec_t for rexecd in rshd.fc, which will be in the next policy we update. For now you can add a line to /etc/selinux/targeted/contexts/files/file_contexts.local to preserve it over a restorecon. Fixed in selinux-policy-*-1.27.1-2.6 I beg to differ. I'm running selinux-policy-targeted-1.27.1-2.6 as of this morning, and there's still no reference to rexec in any file in /etc/selinux other than the one I added to file_contexts.local on your recommendation. Of the 3 FC4 systems I looked at, only the 2 where I manually changed in.rexecd's context have it set correctly. Did the change fail to make it into all the update RPMs for all FC releases? Oops that should be in 2.7 then. Available in test tonight or via ftp://people.redhat.com/dwalsh/SELinux/FC4 That did the job quite nicely. Thanks! |