sshd....denied transition...funny looking avc
Tom London
selinux at comcast.net
Thu Jul 22 20:25:48 UTC 2004
[running latest FC3T1 w/ latest mods from devel tree, strict/enforcing
kernel-2.6.7-1.494, openssh-3.8.1p1-4]
Attempting to scp into this host fails with
'Read from remote host HOST: connection reset by peer'
/var/log/messages on this host shows:
Jul 22 12:05:18 fedora sshd(pam_unix)[13899]: session opened for user
root by (uid=0)
Jul 22 12:05:18 fedora
kernel:
audit(1090523118.784:0): avc: denied { transition } for pid=13899
exe=/usr/sbin/sshd
Jul 22 12:05:26 fedora sshd(pam_unix)[13902]: session opened for user
root by (uid=0)
Jul 22 12:05:26 fedora
kernel:
audit(1090523126.143:0): avc: denied { transition } for pid=13902
exe=/usr/sbin/sshd
[There appear to be 145 blank characters after 'kernel:' and before 'audit('
on the lines above.]
/usr/sbin/sshd appears to be labeled correctly;
-rwxr-xr-x root root system_u:object_r:sshd_exec_t
/usr/sbin/sshd
tom
More information about the selinux
mailing list