security contexts
Daniel J Walsh
dwalsh at redhat.com
Mon Jan 9 20:14:48 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/09/2012 01:27 PM, m.roth at 5-cent.us wrote:
> Daniel J Walsh wrote:
>> On 01/09/2012 09:33 AM, m.roth at 5-cent.us wrote:
>>> In CentOS 6.2, I'm getting sshd[6116]:
>>> pam_selinux(sshd:session): Security context
>>> unconfined_u:system_r:abrt_helper_t:s0-s0:c0.c1023 is not
>>> allowed for
>>>
>>> and
>>>
>>> sshd[6116]: pam_selinux(sshd:session): Unable to get valid
>>> context for root
>>>
>>> Googling shows me nothing useful - what's causing this? Is it
>>> a
> <snip>
>> ps -eZ | grep sshd.
>>
>
> Did that, and see: system_u:system_r:kernel_t:s0 11506 ?
> 00:00:00 sshd
>
>> You can run
>>
>> fixfiles restore
> <snip> Did this on /dev, /root, /usr, /lib (and the filesystem with
> users' home directories). I'm still getting sshd[12558]: error:
> ssh_selinux_setup_pty: security_compute_relabel: Invalid argument
>
> Clues?
>
> mark
>
> -- selinux mailing list selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
Yes since init was not labeled correctly or anything else. the entire
machine booted as kernel_t, and no transitions happened, now that you
have relabeled everthing, if you reboot all the labels should be correct.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk8LSrgACgkQrlYvE4MpobPtpQCfUlyqmvhmI8oB2yybGHRk6RIY
tSAAnjRIa03NLtBXZXhOcrCFH/CORdQl
=Ea23
-----END PGP SIGNATURE-----
More information about the selinux
mailing list