semodule
Stephen Smalley
sds at tycho.nsa.gov
Fri Jun 5 14:10:33 UTC 2009
On Sun, 2009-05-31 at 08:36 -0700, Vadym Chepkov wrote:
> I compared /etc/pam.d/sshd of the affected and working system, they are identical. But, I found these entries in /var/log/secure of the system in trouble:
>
> error: ssh_selinux_setup_pty: security_compute_relabel: Invalid argument
>
> I bet it's a smoking gun, I just have no idea what to do about it.
Wait - that means that sshd is still trying to set up the tty label.
Dan, I thought you switched to using pam_selinux instead for sshd? Why
would there be both direct selinux logic in sshd and pam_selinux
in /etc/pam.d/sshd?
--
Stephen Smalley
National Security Agency
More information about the selinux
mailing list