sshd....denied transition...funny looking avc
Stephen Smalley
sds at epoch.ncsc.mil
Mon Jul 26 15:14:13 UTC 2004
On Thu, 2004-07-22 at 16:25, Tom London wrote:
> [running latest FC3T1 w/ latest mods from devel tree, strict/enforcing
> kernel-2.6.7-1.494, openssh-3.8.1p1-4]
>
> Attempting to scp into this host fails with
> 'Read from remote host HOST: connection reset by peer'
Looks like run_ssh_inetd tunable was enabled (wrongly) in tunable.te;
this replaces the normal transition from initrc_t (normal daemon
startup) with one from inetd_t (inetd-based startup), so sshd is left in
the wrong domain.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the selinux
mailing list