Bug 121735 - sudo fails to execute commands, appearing to clash with selinux policy
sudo fails to execute commands, appearing to clash with selinux policy
Product: Fedora
Classification: Fedora
Component: policy (Show other bugs)
i686 Linux
medium Severity high
: ---
: ---
Assigned To: Thomas Woerner
Ben Levenson
: 122160 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2004-04-26 18:10 EDT by Shawn M. Jones
Modified: 2007-11-30 17:10 EST (History)
2 users (show)

See Also:
Fixed In Version: Fedora Core 3 Test 1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-07-17 00:00:04 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Hardware Info, Output of lspci (9.20 KB, text/plain)
2004-04-26 18:14 EDT, Shawn M. Jones
no flags Details
Logfile (/var/log/messages) with plenty of messages (42.83 KB, text/plain)
2004-04-26 18:15 EDT, Shawn M. Jones
no flags Details

  None (edit)
Description Shawn M. Jones 2004-04-26 18:10:44 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6)
Gecko/20040304 Firefox/0.8

Description of problem:
For some reason sudo doesn't seem to function for me anymore.  My
account, "smj", is in the /etc/sudoers file, and this hasn't changed
since I upgraded from test2 to test 3.

What has changed is that I can't seem to do anything with sudo since I
upgraded the system.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.  Login as a user in the /etc/sudoers file that has ALL=(ALL) ALL
2.  Type sudo followed by any command of your choice.
3.  Enter your password, if necessary.

Actual Results:  The prompt returns the following:
sudo: unable to exec /usr/sbin/sesh: Permission denied

Within /var/log/messages, the following is returned:
Apr 26 18:15:25 shekhina kernel: audit(1083017725.655:0): avc:  denied
 { execute_no_trans } for  pid=1965 exe=/usr/bin/sudo
path=/usr/sbin/sesh dev=dm-2 ino=622886
tcontext=system_u:object_r:shell_exec_t tclass=file

Expected Results:  The command will be executed with the permissions
as granted in /etc/sudoers.

Additional info:

I'm still pretty new to Fedora Core 2 Test 3 and selinux.  The account
"smj" authenticates via NIS to a server running Debian 3.0.  This was
not a problem during Fedora Core 2 Test 2, so something in the upgrade
done this weekend changed sudo's behavior.

The line in /var/log/messages makes me think that it is related to the
selinux policy for the system.  If I'm using something incorrectly,
then forgive me, but it doesn't seem to work as advertised.
Comment 1 Shawn M. Jones 2004-04-26 18:14:14 EDT
Created attachment 99705 [details]
Hardware Info, Output of lspci

I doubt this is useful, but didn't want you to be without.
Comment 2 Shawn M. Jones 2004-04-26 18:15:59 EDT
Created attachment 99706 [details]
Logfile (/var/log/messages) with plenty of messages

This should be more useful, I hope.
Comment 3 Ben Levenson 2004-05-26 15:56:34 EDT
*** Bug 122160 has been marked as a duplicate of this bug. ***
Comment 4 Shawn M. Jones 2004-07-17 00:00:04 EDT
I'm closing this out as it appears to have been fixed by FC3 Test 1.

Note You need to log in before you can comment on or make changes to this bug.