Bug 222333
Summary: | lspp: error message and avc when starting sshd | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Linda Knippers <linda.knippers> |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 5.0 | CC: | iboverma, krisw, sgrubb |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | RC | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-02-08 02:14:42 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Linda Knippers
2007-01-11 18:43:21 UTC
Fixed in selinux-policy-2.4.6-25 QE ack for RHEL5. I'm running the Jan 31 rc and I'm seeing this problem again, only now I'm getting additional error messages from the sshd start script. its got selinux-policy-mls-2.4.6-30.el5 so shouldn't it have the fixes? Generating SSH1 RSA host key: chmod: changing permissions of `/etc/ssh/ssh_host_key': Permission denied chmod: changing permissions of `/etc/ssh/ssh_host_key.pub': Permission denied [ OK ] Generating SSH2 RSA host key: chmod: changing permissions of `/etc/ssh/ssh_host_rsa_key': Permission denied chmod: changing permissions of `/etc/ssh/ssh_host_rsa_key.pub': Permission denied [ OK ] Generating SSH2 DSA host key: chmod: changing permissions of `/etc/ssh/ssh_host_dsa_key': Permission denied chmod: changing permissions of `/etc/ssh/ssh_host_dsa_key.pub': Permission denied [ OK ] cp: cannot create regular file `/var/empty/sshd/etc/localtime': Permission denied Starting sshd: [ OK ] AVCs: type=AVC msg=audit(1170559562.079:279): avc: denied { setattr } for pid=1715 comm="chmod" name="ssh_host_key" dev=dm-0 ino=2196745 scontext=system_u:system_r:initrc_t:s0-s15:c0.c1023 tcontext=system_u:object_r:sshd_key_t:s0 tclass=file type=SYSCALL msg=audit(1170559562.079:279): arch=c0000032 syscall=1038 success=no exit=-13 a0=60000000000050b0 a1=180 a2=12 a3=60000000000062d0 items=0 ppid=1706 pid=1715 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="chmod" exe="/bin/chmod" subj=system_u:system_r:initrc_t:s0-s15:c0.c1023 key=(null) type=AVC msg=audit(1170559562.080:280): avc: denied { setattr } for pid=1716 comm="chmod" name="ssh_host_key.pub" dev=dm-0 ino=2196746 scontext=system_u:system_r:initrc_t:s0-s15:c0.c1023 tcontext=system_u:object_r:sshd_key_t:s0 tclass=file type=SYSCALL msg=audit(1170559562.080:280): arch=c0000032 syscall=1038 success=no exit=-13 a0=60000000000050b0 a1=1a4 a2=12 a3=60000000000062d0 items=0 ppid=1706 pid=1716 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="chmod" exe="/bin/chmod" subj=system_u:system_r:initrc_t:s0-s15:c0.c1023 key=(null) type=AVC msg=audit(1170559562.628:281): avc: denied { setattr } for pid=1720 comm="chmod" name="ssh_host_rsa_key" dev=dm-0 ino=2196747 scontext=system_u:system_r:initrc_t:s0-s15:c0.c1023 tcontext=system_u:object_r:sshd_key_t:s0 tclass=file type=SYSCALL msg=audit(1170559562.628:281): arch=c0000032 syscall=1038 success=no exit=-13 a0=60000000000050b0 a1=180 a2=12 a3=60000000000062d0 items=0 ppid=1706 pid=1720 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="chmod" exe="/bin/chmod" subj=system_u:system_r:initrc_t:s0-s15:c0.c1023 key=(null) type=AVC msg=audit(1170559562.629:282): avc: denied { setattr } for pid=1721 comm="chmod" name="ssh_host_rsa_key.pub" dev=dm-0 ino=2196748 scontext=system_u:system_r:initrc_t:s0-s15:c0.c1023 tcontext=system_u:object_r:sshd_key_t:s0 tclass=file type=SYSCALL msg=audit(1170559562.629:282): arch=c0000032 syscall=1038 success=no exit=-13 a0=60000000000050b0 a1=1a4 a2=12 a3=60000000000062d0 items=0 ppid=1706 pid=1721 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="chmod" exe="/bin/chmod" subj=system_u:system_r:initrc_t:s0-s15:c0.c1023 key=(null) type=AVC msg=audit(1170559562.909:283): avc: denied { setattr } for pid=1724 comm="chmod" name="ssh_host_dsa_key" dev=dm-0 ino=2196750 scontext=system_u:system_r:initrc_t:s0-s15:c0.c1023 tcontext=system_u:object_r:sshd_key_t:s0 tclass=file type=SYSCALL msg=audit(1170559562.909:283): arch=c0000032 syscall=1038 success=no exit=-13 a0=60000000000050b0 a1=180 a2=12 a3=60000000000062d0 items=0 ppid=1706 pid=1724 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="chmod" exe="/bin/chmod" subj=system_u:system_r:initrc_t:s0-s15:c0.c1023 key=(null) type=AVC msg=audit(1170559562.910:284): avc: denied { setattr } for pid=1725 comm="chmod" name="ssh_host_dsa_key.pub" dev=dm-0 ino=2196752 scontext=system_u:system_r:initrc_t:s0-s15:c0.c1023 tcontext=system_u:object_r:sshd_key_t:s0 tclass=file type=SYSCALL msg=audit(1170559562.910:284): arch=c0000032 syscall=1038 success=no exit=-13 a0=60000000000050b0 a1=1a4 a2=12 a3=60000000000062d0 items=0 ppid=1706 pid=1725 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="chmod" exe="/bin/chmod" subj=system_u:system_r:initrc_t:s0-s15:c0.c1023 key=(null) type=AVC msg=audit(1170559563.046:285): avc: granted { setfscreate } for pid=1727 comm="cp" scontext=system_u:system_r:initrc_t:s0-s15:c0.c1023 tcontext=system_u:system_r:initrc_t:s0-s15:c0.c1023 tclass=process type=SYSCALL msg=audit(1170559563.046:285): arch=c0000032 syscall=1027 success=yes exit=30 a0=3 a1=6000000000011da0 a2=1e a3=c00000000000038b items=0 ppid=1706 pid=1727 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="cp" exe="/bin/cp" subj=system_u:system_r:initrc_t:s0-s15:c0.c1023 key=(null) type=AVC msg=audit(1170559563.047:286): avc: denied { create } for pid=1727 comm="cp" name="localtime" scontext=system_u:system_r:initrc_t:s0-s15:c0.c1023 tcontext=system_u:object_r:locale_t:s0 tclass=file type=SYSCALL msg=audit(1170559563.047:286): arch=c0000032 syscall=1028 success=no exit=-13 a0=6000000000011d70 a1=41 a2=81a4 a3=0 items=0 ppid=1706 pid=1727 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="cp" exe="/bin/cp" subj=system_u:system_r:initrc_t:s0-s15:c0.c1023 key=(null) Fixed in selinux-policy-2.4.6-36 A package has been built which should help the problem described in this bug report. This report is therefore being closed with a resolution of CURRENTRELEASE. You may reopen this bug report if the solution does not work for you. |