Red Hat Bugzilla – Bug 725414
Targeted: add rule for ssh-keygen to be able to create .ssh folder with correct context
Last modified: 2012-10-15 09:58:48 EDT
Description of problem:
When running ssh-keygen as a non-root user (under unconfined_t) and the .ssh folder does not exist the tool creates .ssh folder with incorrect context. As all other tools from the ssh package create the .ssh folder with correct context the ssh-keygen tool should behave the same.
This custom module solves this issue:
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. login as non-root user
2. rm -rf ~/.ssh
4. ls -dZ ~/.ssh
drwx------. test test unconfined_u:object_r:user_home_t:SystemLow .ssh/
drwx------. test test unconfined_u:object_r:ssh_home_t:SystemLow .ssh/
Test case for this scenario is a part of CCC testing.
Fixed in selinux-policy-3.7.19-106.el6
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.