[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#430838: openssh-server: Detection of SELinux enforcing mode is broken

forwarded 430838 http://bugzilla.mindrot.org/show_bug.cgi?id=1325
tags 430838 pending
thanks

On Wed, Jun 27, 2007 at 12:03:04PM -0400, Brian T. Sniffen wrote:
> Package: openssh-server
> Version: 1:4.6p1-2
> Severity: grave
> Justification: causes non-serious data loss
> 
> I just upgraded to this version of openssh on a system with SELinux
> enabled but in permissive mode.  Thank goodness I left an SSH session
> open: connections after that succeeded at authentication, but were
> immediately closed by the server.  The following log messages appeared:
> 
> Jun 27 09:56:07 teleri sshd[12293]: pam_selinux: Open Session
> Jun 27 09:56:07 teleri sshd[12293]: Unable to get valid context for bts, No valid tty
> Jun 27 09:56:07 teleri sshd[12293]: error: PAM: pam_open_session(): Authentication failure
> Jun 27 09:56:07 teleri sshd[12293]: error: ssh_selinux_getctxbyname: Failed to get default SELinux security context for bts
> Jun 27 09:56:07 teleri sshd[12293]: fatal: ssh_selinux_getctxbyname: Failed to get default SELinux security context for bts (in enforcing mode)

Thanks. I've forwarded this upstream as bug #1325 and fixed it in my CVS
repository.

Cheers,

-- 
Colin Watson                                       [cjwatson@debian.org]
Reply to: