1600128 – shellinabox rpm is missing selinux bits - does not work in enforced selinux

Bug 1600128 - shellinabox rpm is missing selinux bits - does not work in enforced selinux

Summary: shellinabox rpm is missing selinux bits - does not work in enforced selinux

Keywords:
Status:	NEW
Alias:	None
Product:	Fedora EPEL
Classification:	Fedora
Component:	shellinabox
Sub Component:
Version:	epel7
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	Simone Caronni
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-07-11 13:31 UTC by lejeczek
Modified:	2018-07-11 13:31 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description lejeczek 2018-07-11 13:31:51 UTC

Description of problem:

Shellinabox fails to login users when selinux is enforced.
This happens:

#!!!! The file '/usr/bin/bash' is mislabeled on your system.
#!!!! Fix with $ restorecon -R -v /usr/bin/bash
allow unconfined_service_t unconfined_t:process transition; 

There seems to be selinux module shellinabox creators provide:

https://github.com/shellinabox/shellinabox/tree/master/misc/selinux/shellinabox

which I tried and it seems to work.
I'd imagine simple fix would be for an selinux expert to look at it and if good just include it with rpm package.


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Note You need to log in before you can comment on or make changes to this bug.