Description of problem: Configured squid to use pam_auth (/usr/lib/squid/pam_auth) which authenticates squid users against local users using pam. Selinux denies this, saying: avc: denied { execute } for comm=pam_auth dev=md0 name=unix_chkpwd pid=10491 scontext=root:system_r:squid_t:s0 tclass=file tcontext=system_u:object_r:chkpwd_exec_t:s0 Version-Release number of selected component (if applicable): squid-2.6.STABLE16-2.fc8 How reproducible: always Steps to Reproduce: 1. 2. 3. Actual results: Expected results: selinux should allow squid to authenticate local users. Additional info: Please contact me if anything is missing. I'm happy to help! :)
This particular bug also occurs on RHEL 5.1.
Created attachment 258061 [details] Alert from setroubleshoot.
Please attach your /etc/squid/squid.conf and /etc/pam.d/squid Thanks.
Created attachment 297620 [details] /etc/pam.d/squid, as requested.
Created attachment 297622 [details] /etc/squid/squid.conf, as requested.
Reassigning to selinux-policy.
Created attachment 297643 [details] Selinux alerts I saw these.
Created attachment 297782 [details] Audit log
The new packages are available: http://people.redhat.com/jkubin/selinux/F8/ Test them please, thank you.
These packages work for me
User jkubin's account has been closed
Closing all bugs that have been in modified for over a month. Please reopen if the bug is not actually fixed.