Bug 459510
Summary: SELinux is preventing /usr/sbin/sshd (sshd_t) "append" to (var_log_t).

| Field | Value |
|---|---|
| Product | [Fedora] Fedora |
| Component | selinux-policy |
| Version | 8 |
| Status | CLOSED NOTABUG |
| Severity | medium |
| Priority | medium |
| Hardware | All |
| OS | Linux |
| Reporter | David Lee Lambert <dllamber> |
| Assignee | Daniel Walsh <dwalsh> |
| QA Contact | Fedora Extras Quality Assurance <extras-qa> |
| CC | jkubin |
| Doc Type | Bug Fix |
| Last Closed | 2008-08-29 16:49:09 UTC |

Description
David Lee Lambert
2008-08-19 15:49:32 UTC
What is the AVC you are seeing?

```
grep avc /var/log/audit/audit.log
```

I know of no log file that ssh would need to append to.

You should also update to the latest selinux policy for fc8:

```
yum -y upgrade selinux-policy
```

You might want to update all of your system:

```
yum -y upgrade
```

```
type=AVC msg=audit(1219161384.508:133): avc: denied { append } for pid=23367 comm="sshd" name="btmp" dev=dm-0 ino=851979 scontext=unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_log_t:s0 tclass=file
type=AVC msg=audit(1219161384.604:134): avc: denied { getattr } for pid=23367 comm="sshd" path="/var/log/btmp" dev=dm-0 ino=851979 scontext=unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_log_t:s0 tclass=file
```

sshd is also configured to log via syslog; but I believe it writes to /dev/log, context "unconfined_u:object_r:devlog_t:s0", so that can't be the problem here. This is after a "yum -y upgrade" and "yum remove openssh-server; yum install openssh-server".

```
restorecon /var/log/btmp
```

Should fix. Somehow this got the wrong context on it. Did someone/process delete and recreate the file?
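A triage sketch for the two denials quoted above, added here as an example and not part of the original bug report: it groups AVC records by device and inode so that the `append` denial, which carries only `name="btmp"`, picks up the full path from the `getattr` denial, then emits a dry-run `restorecon -n -v` for each resolved file. The function names are illustrative, and the sample input is the pair of records from this report.

```python
import re
import shlex

# The two AVC records quoted in this bug report.
SAMPLE = (
    'type=AVC msg=audit(1219161384.508:133): avc: denied { append } for pid=23367 '
    'comm="sshd" name="btmp" dev=dm-0 ino=851979 '
    'scontext=unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 '
    'tcontext=system_u:object_r:var_log_t:s0 tclass=file\n'
    'type=AVC msg=audit(1219161384.604:134): avc: denied { getattr } for pid=23367 '
    'comm="sshd" path="/var/log/btmp" dev=dm-0 ino=851979 '
    'scontext=unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 '
    'tcontext=system_u:object_r:var_log_t:s0 tclass=file\n'
)

AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*([^}]*?)\s*\}\s+for\s+(.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
REQUIRED = {'ino', 'scontext', 'tcontext'}


def parse_avc(line):
    """Return the fields of one AVC denial as a dict, or None for other lines."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    rec = {key: value.strip('"') for key, value in FIELD_RE.findall(m.group(2))}
    rec['perms'] = m.group(1).split()
    return rec


def summarize(log_text):
    """Merge denials that hit the same (dev, ino) into one entry per object."""
    objects = {}
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec is None or not REQUIRED <= rec.keys():
            continue
        obj = objects.setdefault((rec.get('dev'), rec['ino']),
                                 {'perms': set(), 'path': None})
        obj['perms'].update(rec['perms'])
        obj['path'] = rec.get('path') or obj['path']  # only some records carry path=
        obj['source_type'] = rec['scontext'].split(':')[2]
        obj['target_type'] = rec['tcontext'].split(':')[2]
    return objects


def relabel_checks(objects):
    """Dry-run commands (-n changes nothing, -v prints what would change)."""
    return ['restorecon -n -v ' + shlex.quote(obj['path'])
            for obj in objects.values() if obj['path']]
```

Running `relabel_checks(summarize(SAMPLE))` yields the dry-run form of the `restorecon` command suggested in the thread, which shows the label change before it is applied.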