Description of problem: type=SYSCALL msg=audit(1196049769.496:25): arch=c000003e syscall=1 success=no exit=-13 a0=4 a1=2aaaaad37250 a2=2a a3=65726379656b2f72 items=0 ppid=2358 pid=2716 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null) Version-Release number of selected component (if applicable): kernel-2.6.24-0.42.rc3.git1.fc9 openssh-4.7p1-4.fc9 selinux-policy-targeted-3.0.8-56.fc8 How reproducible: Steps to Reproduce: 1. Log in via sshh 2. 3. Actual results: AVC per above Expected results: Nothing special Additional info:
selinux-policy-targeted-3.1.2.fc9
Still seeing the problem. Additional Information Source Context system_u:system_r:sshd_t:SystemLow-SystemHigh Target Context system_u:system_r:sshd_t:SystemLow-SystemHigh Target Objects None [ process ] Affected RPM Packages openssh-server-4.7p1-4.fc9 [application] Policy RPM selinux-policy-3.1.2-1.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name plugins.catchall Host Name sdv Platform Linux sdv 2.6.24-0.43.rc3.git1.fc9 #1 SMP Mon Nov 26 07:50:09 EST 2007 x86_64 x86_64 Alert Count 13 First Seen Mon Nov 26 15:02:49 2007 Last Seen Wed Nov 28 19:36:28 2007 Local ID 5617e447-1320-4ac1-9f78-43059fd1e357 Line Numbers Raw Audit Messages avc: denied { setkeycreate } for comm=sshd egid=0 euid=0 exe=/usr/sbin/sshd exit=-13 fsgid=0 fsuid=0 gid=0 items=0 pid=2761 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 sgid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 suid=0 tclass=process tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tty=(none) uid=0
Works for me. audit2why < /tmp/t avc: denied { setkeycreate } for comm=sshd egid=0 euid=0 exe=/usr/sbin/sshd exit=-13 fsgid=0 fsuid=0 gid=0 items=0 pid=2761 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 sgid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 suid=0 tclass=process tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tty=(none) uid=0 Was caused by: Unknown - would be allowed by active policy Possible mismatch between this policy and the one under which the audit message was generated. Possible mismatch between current in-memory boolean settings vs. permanent ones.
I confirm this happends on a f7 system updated to f8 with yum on a i686. Everytime I log into ssh, it throws that.
Fixed in selinux-policy-3.0.8-63.fc8
The problem continuous with selinux-policy-3.0.8-63.fc8
Looks like it is there to me. sesearch --allow | grep sshd_t | grep setkey allow sshd_t sshd_t : process { fork sigchld signal setsched setexec setrlimit setkeycreate };
Appears fixed with selinux-policy-targeted-3.2.3-1.fc9
Bulk closing a old selinux policy bugs that were in the modified state. If the bug is still not fixed. Please reopen.