Bug 994173
Summary: | SELinux is preventing /usr/sbin/sshd from 'name_connect' accesses on the tcp_socket . | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Kevin <mephisto> |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 19 | CC: | dominick.grift, dwalsh, mgrepl |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Unspecified | ||
Whiteboard: | abrt_hash:c359d99806801bfd4fa2da506efe20214d54b1ae7b88332260d83b7b54f78c6d | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-08-07 18:15:52 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Kevin
2013-08-06 16:06:53 UTC
Did you read the alert? ***** Plugin catchall_boolean (47.5 confidence) suggests ******************* If you want to allow authlogin to yubikey Then you must tell SELinux about this by enabling the 'authlogin_yubikey' boolean. You can read 'None' man page for more details. Do setsebool -P authlogin_yubikey 1 Yes, I did. Did you read my original comments? We don't want to allow it by default. Basically this is a reason why we have booleans. # setsebool -P authlogin_yubikey 1 is for the permanent change. |