Bug 172409 - Can't kill (another) session of the same user
Summary: Can't kill (another) session of the same user
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: util-linux
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Karel Zak
QA Contact: Ben Levenson
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-11-04 00:16 UTC by Robert Scheck
Modified: 2007-11-30 22:11 UTC (History)
0 users

(edit)
Clone Of:
(edit)
Last Closed: 2006-08-21 14:32:17 UTC


Attachments (Terms of Use)

Description Robert Scheck 2005-11-04 00:16:11 UTC
Description of problem:
For example, open up two sessions using ssh with the same user:

> who -H -u -w
NAME       LINE         TIME         IDLE          PID COMMENT
robert   + pts/4        Nov  3 12:41   .         11181 (nicehost)
robert   + pts/5        Nov  3 12:41   .         11222 (nicehost)
>

> echo $SSH_TTY
/dev/pts/4
> 

> kill -9 11222
-bash: kill: (11222) - Die Operation ist nicht erlaubt
>

Oh, and what I noticed later:

>
kill -9 11181
-bash: kill: (11181) - Die Operation ist nicht erlaubt
>

"Die Operation ist nicht erlaubt" means something like, that I'm not allowed to 
do this.

Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.27.2-11
selinux-policy-targeted-1.27.2-12

How reproducible:
Everytime, see above.

Actual results:
Can't kill another session of the same user. Can't also kill my own session.

Expected results:
What isn't possible, currently and described.

Additional info:
I'm assigning this bug report against the policy because, as far as I can 
remember, this worked without enabled MCS/MLS.

Comment 1 Daniel Walsh 2005-11-04 12:41:34 UTC
I don't believe this is an SELinux bug.

Did you see any AVC Messages?

You could prove it is not selinux by setenforce 0
and then try it,  if you still can not kill the process, it is not SELinux.

Comment 2 Robert Scheck 2005-11-04 12:45:09 UTC
Okay, you're right - sorry for bothering. And to which component have I to 
reassign this now?

Comment 3 Daniel Walsh 2005-11-04 14:28:20 UTC
Well first try util-linux.  (It contains the kill command.)

Comment 4 Robert Scheck 2006-05-31 21:07:46 UTC
Ping?

Comment 5 Karel Zak 2006-08-21 14:32:17 UTC
Please, check the PID by "ps aux | grep <PID>". I think you're sending the
signal to ssh process which has root permissions...

$ who -H -u -w
NAME       LINE         TIME         IDLE          PID COMMENT
kzak     + pts/5        Aug 21 16:29 00:01       27190 (petra)

$ ps aux | grep 27190
root     27190  0.0  0.4   7788  2508 ?        Ss   16:29   0:00 sshd: kzak [priv]





Note You need to log in before you can comment on or make changes to this bug.