Bug 122523 - restarts ssh but with incorrect security context
restarts ssh but with incorrect security context
Product: Fedora
Classification: Fedora
Component: glibc (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jakub Jelinek
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2004-05-05 10:13 EDT by Tim Waugh
Modified: 2007-11-30 17:10 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-09-30 14:20:41 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Tim Waugh 2004-05-05 10:13:25 EDT
Description of problem:
Upgrading glibc on an enforcing-mode SELinux machine renders it
incapable of accepting remote ssh logins until ssh is restarted by hand.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Run SELinux enforcing mode.
2. Log in via ssh -- it works
3. Upgrade glibc (ssh is restarted in %post)
4. Try to log in via ssh - the log in is refused

This is because sshd is running in rpm_t context, due to being
restarted in an rpm scriptlet.
Comment 1 Ulrich Drepper 2004-09-30 07:11:33 EDT
I thing I updated my system today without explicitly restarting ssh
(i.e., the glibc spec file did).  Login still works.  Can somebody
confirm this is still a problem?  If yes, will we need to use the new
Comment 2 Tim Waugh 2004-09-30 07:12:40 EDT
Not sure; I'm not using SELinux at the moment I'm afraid.
Comment 3 Daniel Walsh 2004-09-30 09:45:44 EDT
This should not be a problem.  The 'su' replacement (Which it is not)
is only used for init startup scripts and cron jobs.  Basically any
place where you don't need the suid and pam stuff.

Comment 5 Ulrich Drepper 2004-09-30 12:35:09 EDT
So you're saying the whole bug should not be an issue and can be
closed?  Was there something back in May which could have caused problems?

And: What is the reason for posting the URL?
Comment 6 Daniel Walsh 2004-09-30 14:20:41 EDT
Yes rpm updates were doing a service restart which caused ssh to come
up in the wrong state.  

Oops, I pasted the html in the wrong page.  Got to stop reading two
bugzillas at once.

Note You need to log in before you can comment on or make changes to this bug.