Red Hat Bugzilla – Full Text Bug Listing
|Summary:||can not login to the installer unless selinux=0 is passed on the kernel bootline|
|Product:||[Fedora] Fedora||Reporter:||Ales Kozumplik <akozumpl>|
|Component:||openssh||Assignee:||Jan F. Chadima <jchadima>|
|Status:||CLOSED NEXTRELEASE||QA Contact:||Fedora Extras Quality Assurance <extras-qa>|
|Version:||rawhide||CC:||bugzilla, jchadima, jzeleny, mattias.ellert, mgrepl, tmraz|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2011-04-13 02:08:29 EDT||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Ales Kozumplik 2011-03-30 05:27:38 EDT
Description of problem: Since the 20110216 rawhide compose it is no longer possible to login to the installer via ssh. This is the error (selinux is in permissive according to /etc/selinux/config): [akozumpl@aklab ~]$ ssh root@ak Warning: Permanently added 'ak,10.34.39.95' (RSA) to the list of known hosts. root@ak's password: Write failed: Broken pipe Version-Release number of selected component (if applicable): Because this still works in the 0215 compose, it can be tracked down to an update in openssh: in 0215 the packages are: openssh-clients-5.6p1-30.fc15.x86_64.rpm openssh-5.6p1-30.fc15.x86_64.rpm openssh-server-5.6p1-30.fc15.x86_64.rpm in 0216 the packages are: openssh-clients-5.8p1-1.fc16.1.x86_64.rpm openssh-5.8p1-1.fc16.1.x86_64.rpm openssh-server-5.8p1-1.fc16.1.x86_64.rpm How reproducible: always Steps to Reproduce: 1. boot into the installer with 'sshd' included on the bootline. 2. from another machine do: ssh root@<machine> Actual results: error, broken pipe, session is closed immediately Expected results: logged in, ssh session starts showing a shell Additional info: I verified that copying /usr/sbin/sshd from the 0215 to the 0216 compose fixes the problem.
Comment 1 Ales Kozumplik 2011-03-30 06:37:45 EDT
Observation: it apparently doesn't matter what we set in /etc/selinux/config. permissive or disabled both result in non-working ssh login. The only thing that workarounds this is setting selinux=0 on the kernel bootline.
Comment 2 Jan F. Chadima 2011-04-04 14:18:54 EDT
please try last rawhide build and report
Comment 3 Ales Kozumplik 2011-04-05 02:05:51 EDT
Hi Jan, I've got this on my mind, however the official rawhide composes have been failing steadily the last week or so so the latest openssh (and other packages) have not propagated to the mirrors yet. Will keep this in needinfo and retest asap.
Comment 4 Steve 2011-04-06 03:23:47 EDT
I don't know about the installer but i've the same issue with the system already installed. Since weeks i cannot log-in with gdm or ssh unless selinux=0 is passed on the kernel bootline. selinux-policy-3.9.16-10.fc15.noarch libselinux-python-2.0.99-4.fc15.x86_64 libselinux-2.0.99-4.fc15.x86_64 selinux-policy-targeted-3.9.16-10.fc15.noarch libselinux-utils-2.0.99-4.fc15.x86_64
Comment 5 Jan F. Chadima 2011-04-06 04:54:45 EDT
(In reply to comment #4) > I don't know about the installer but i've the same issue with the system > already installed. Since weeks i cannot log-in with gdm or ssh unless selinux=0 > is passed on the kernel bootline. > what is your version of openssh?
Comment 6 Steve 2011-04-06 06:50:50 EDT
openssh-clients-5.6p1-30.fc15.x86_64 openssh-server-5.6p1-30.fc15.x86_64 libssh2-1.2.7-1.fc15.x86_64 openssh-5.6p1-30.fc15.x86_64
Comment 7 Jan F. Chadima 2011-04-06 07:13:35 EDT
(In reply to comment #6) > openssh-clients-5.6p1-30.fc15.x86_64 > openssh-server-5.6p1-30.fc15.x86_64 > libssh2-1.2.7-1.fc15.x86_64 > openssh-5.6p1-30.fc15.x86_64 this version is not buggy ...
Comment 8 Steve 2011-04-10 03:03:10 EDT
In my case, the bug is fixed with today's update of selinux-*-3.9.16-13.
Comment 9 Ales Kozumplik 2011-04-12 13:08:08 EDT
For Anaconda this seems to be fixed with openssh-5.8p1-25.fc16.1.x86_64.
Comment 10 Jan F. Chadima 2011-04-13 02:08:29 EDT
closing as solved