Bug 207998 - incorrect error message from run_init
Summary: incorrect error message from run_init
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: policycoreutils   
(Show other bugs)
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-09-25 18:58 UTC by Linda Knippers
Modified: 2007-11-30 22:11 UTC (History)
2 users (show)

Fixed In Version: selinux-policy-2.4.3-10.fc6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-11-28 14:52:24 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Linda Knippers 2006-09-25 18:58:16 UTC
Description of problem:
I'm running an FC6 system with the mls policy in enforcing mode.
When I'm logged in as root and in the staff_r role and try to use
run_init to restart a service, it tells me "incorrect password for
root" when I know the password is correct.  I think if I can't run
the program from the role I'm in, it should say that or tell me
permission denied.

Version-Release number of selected component (if applicable):
policycoreutils-1.30.28-2
selinux-policy-mls-2.3.13-5


How reproducible:


Steps to Reproduce:
1.log in as root and still be in the default staff_r role
2.run_init /etc/init.d/cups restart
3.enter the correct root passwd
  
Actual results:
[root@kipper linux-2.6.17.i386]# run_init /etc/init.d/cups restart
Authenticating root.
Password:
run_init: incorrect password for root
authentication failed.

Expected results:

Some more meaningful error message

Additional info:

I know the passwd is correct because I've done this a number of times.
If I do the same thing from the sysadm_r role then it works just fine.

Comment 1 Daniel Walsh 2006-11-28 14:52:24 UTC
Fixed in the latest policy.  You should get permission denied.


Note You need to log in before you can comment on or make changes to this bug.