528770 – Selinux preventing password reset

Bug 528770 - Selinux preventing password reset

Summary: Selinux preventing password reset

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Daniel Walsh
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2009-10-13 16:13 UTC by Mike McGrath
Modified:	2009-10-13 22:13 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2009-10-13 22:13:33 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
Generated from a recent rawhide. (2.01 KB, application/octet-stream) 2009-10-13 16:13 UTC, Mike McGrath	no flags	Details
View All

Description Mike McGrath 2009-10-13 16:13:44 UTC

Created attachment 364623 [details]
Generated from a recent rawhide.

Description of problem:

Boot into single user mode with selinux enforcing, run passwd.

Version-Release number of selected component (if applicable):

selinux-policy-3.6.32.-24.fc12

How reproducible:

every time.

Steps to Reproduce:
1. Reboot
2. append 'single' to the kernel params
3. run passwd
  
Actual results:

passwd generates a denial (see attached)

Expected results:

Should prompt for a new root password.

Comment 1 Daniel Walsh 2009-10-13 22:13:33 UTC

Fixed in selinux-policy-3.6.32-26.fc12.noarch

Looks like passwd_t needs to read the console for this to work.

Note You need to log in before you can comment on or make changes to this bug.