Description of problem: Since some time, I've the following here in /var/log/secure: Aug 12 16:16:28 tux sshd[17663]: pam_unix(sshd:session): session opened for user robert by (uid=0) Aug 12 16:16:28 tux sshd[17663]: pam_selinux(sshd:session): conversation failed Aug 12 16:16:28 tux sshd[17663]: pam_selinux(sshd:session): No response to query: Would you like to enter a security context? [N] Aug 12 16:16:28 tux sshd[17663]: pam_selinux(sshd:session): Unable to get valid context for robert Aug 12 16:16:29 tux sshd[17663]: error: ssh_selinux_setup_pty: security_compute_relabel: Invalid argument What the hell is this and why does it appear? IMHO this shouldn't be the case. Version-Release number of selected component (if applicable): libselinux-2.0.71-1 openssh-5.1p1-2 How reproducible: Everytime for me, e.g. during SSH login. Actual results: Very strange messages in /var/log/secure during SSH login. Expected results: No strange messages in /var/log/secure as in the past.
Do you have any special options in you /etc/pam.d/sshd grep selinux /etc/pam.d/sshd # pam_selinux.so close should be the first session rule session required pam_selinux.so close # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params
Nothing special I would say, grep returns the same for me here: # pam_selinux.so close should be the first session rule session required pam_selinux.so close # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params
What context is sshd running as? ps -eZ | grep sshd
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 5995 ? 00:00:00 sshd ARGS. Something destroyed the SELinux labeling. Sorry for bothering. I'll open a bug report when I know what destroyed it...