Bug 465283
Summary: | SELinux denials on remote root login | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Orion Poplawski <orion> | ||||
Component: | openssh | Assignee: | Tomas Mraz <tmraz> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 10 | CC: | dwalsh, mcepl, mgrepl, tmraz | ||||
Target Milestone: | --- | Keywords: | Reopened, SELinux | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2008-11-30 05:39:38 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Orion Poplawski
2008-10-02 15:38:12 UTC
This is a kernel bug, but I will get rid of the avc for now. Fixed in selinux-policy-3.5.9-5.fc10.noarch Created attachment 323900 [details]
output from SEtroubleshoot
Happens again with
[matej@hubmaier ~]$ rpm -q openssh selinux-policy-targeted kernel
openssh-5.1p1-3.fc10.x86_64
selinux-policy-targeted-3.5.13-18.fc10.noarch
kernel-2.6.27.5-94.fc10.x86_64
kernel-2.6.27.4-79.fc10.x86_64
kernel-2.6.27.5-101.fc10.x86_64
kernel-2.6.27.5-109.fc10.x86_64
[matej@hubmaier ~]$ uname -r
2.6.27.5-109.fc10.x86_64
[matej@hubmaier ~]$
Well I run this under audit2allow on selinux-policy-targeted-3.5.13-21.fc10.noarch and it says it should be allowed. This bug appears to have been reported against 'rawhide' during the Fedora 10 development cycle. Changing version to '10'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping I don't see this anymore. |