Bug 172409 - Can't kill (another) session of the same user
Can't kill (another) session of the same user
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: util-linux (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Karel Zak
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-11-03 19:16 EST by Robert Scheck
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-21 10:32:17 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Robert Scheck 2005-11-03 19:16:11 EST
Description of problem:
For example, open up two sessions using ssh with the same user:

> who -H -u -w
NAME       LINE         TIME         IDLE          PID COMMENT
robert   + pts/4        Nov  3 12:41   .         11181 (nicehost)
robert   + pts/5        Nov  3 12:41   .         11222 (nicehost)
>

> echo $SSH_TTY
/dev/pts/4
> 

> kill -9 11222
-bash: kill: (11222) - Die Operation ist nicht erlaubt
>

Oh, and what I noticed later:

>
kill -9 11181
-bash: kill: (11181) - Die Operation ist nicht erlaubt
>

"Die Operation ist nicht erlaubt" means something like, that I'm not allowed to 
do this.

Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.27.2-11
selinux-policy-targeted-1.27.2-12

How reproducible:
Everytime, see above.

Actual results:
Can't kill another session of the same user. Can't also kill my own session.

Expected results:
What isn't possible, currently and described.

Additional info:
I'm assigning this bug report against the policy because, as far as I can 
remember, this worked without enabled MCS/MLS.
Comment 1 Daniel Walsh 2005-11-04 07:41:34 EST
I don't believe this is an SELinux bug.

Did you see any AVC Messages?

You could prove it is not selinux by setenforce 0
and then try it,  if you still can not kill the process, it is not SELinux.
Comment 2 Robert Scheck 2005-11-04 07:45:09 EST
Okay, you're right - sorry for bothering. And to which component have I to 
reassign this now?
Comment 3 Daniel Walsh 2005-11-04 09:28:20 EST
Well first try util-linux.  (It contains the kill command.)
Comment 4 Robert Scheck 2006-05-31 17:07:46 EDT
Ping?
Comment 5 Karel Zak 2006-08-21 10:32:17 EDT
Please, check the PID by "ps aux | grep <PID>". I think you're sending the
signal to ssh process which has root permissions...

$ who -H -u -w
NAME       LINE         TIME         IDLE          PID COMMENT
kzak     + pts/5        Aug 21 16:29 00:01       27190 (petra)

$ ps aux | grep 27190
root     27190  0.0  0.4   7788  2508 ?        Ss   16:29   0:00 sshd: kzak [priv]



Note You need to log in before you can comment on or make changes to this bug.