Bug 125568 - sshd fails to complete login for incoming sessions
Summary: sshd fails to complete login for incoming sessions
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-strict   
(Show other bugs)
Version: 2
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-06-08 20:23 UTC by Tom London
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-06-14 01:27:20 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Tom London 2004-06-08 20:23:39 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040510

Description of problem:
When in strict/enforcing mode, sshd no longer completes login
sesssions. Works when in strict/permissive mode.

Here are entries from /var/log/messages:

Jun  8 09:56:23 dell sshd(pam_unix)[3313]: session opened for user tbl
by (uid=0)
Jun  8 09:56:23 dell sshd[3313]: Warning!  Could not get current
context for /dev/ssh, not relabeling.
Jun  8 09:56:23 dell kernel: audit(1086713783.251:0): avc:  denied  {
read write } for  pid=3315 exe=/bin/bash path=/dev/pts/5 dev=devpts
ino=7 scontext=user_u:user_r:user_t
tcontext=system_u:object_r:sshd_devpts_t tclass=chr_file
Jun  8 09:56:23 dell kernel: audit(1086713783.251:0): avc:  denied  {
read write } for  pid=3315 exe=/bin/bash path=/dev/pts/5 dev=devpts
ino=7 scontext=user_u:user_r:user_t
tcontext=system_u:object_r:sshd_devpts_t tclass=chr_file
Jun  8 09:56:23 dell kernel: audit(1086713783.262:0): avc:  denied  {
read write } for  pid=3314 exe=/bin/bash path=/dev/pts/5 dev=devpts
ino=7 scontext=user_u:user_r:user_t
tcontext=system_u:object_r:sshd_devpts_t tclass=chr_file
Jun  8 09:56:23 dell kernel: audit(1086713783.262:0): avc:  denied  {
read write } for  pid=3314 exe=/bin/bash path=/dev/pts/5 dev=devpts
ino=7 scontext=user_u:user_r:user_t
tcontext=system_u:object_r:sshd_devpts_t tclass=chr_file
Jun  8 09:56:23 dell kernel: audit(1086713783.263:0): avc:  denied  {
read write } for  pid=3314 exe=/bin/bash path=/dev/pts/5 dev=devpts
ino=7 scontext=user_u:user_r:user_t
tcontext=system_u:object_r:sshd_devpts_t tclass=chr_file
Jun  8 09:56:23 dell sshd(pam_unix)[3313]: session closed for user tbl


Version-Release number of selected component (if applicable):
selinux-policy-strict-1.13.4-2 openssh-server-3.6.1p2-34

How reproducible:
Always

Steps to Reproduce:
1. ssh into machine with selinux-policy-strict-1.13.4-2
2. ssh hangs or terminates with 'session closed'
3.
    

Additional info:

Comment 1 Daniel Walsh 2004-06-09 18:18:57 UTC
Fixed in openssh-3.8.1p1-2.i386.rpm

Comment 2 Tom London 2004-06-14 01:27:20 UTC
Tested.  Works now.

Thanks!


Note You need to log in before you can comment on or make changes to this bug.