Orion Poplawski wrote:
Daniel J Walsh wrote:
What context is your sshd running under?
Normal sshd runs under
system_u:system_r:sshd_t:SystemLow-SystemHigh
I think you might be having a problem if you sshd is only running at
s0 and trying to log people in at
SystemLow-SystemHigh.
Well, in permissive mode it ends up like:
root:system_r:unconfined_t:SystemLow-SystemHigh orion 7737 7732 0
13:45 ? 00:00:00 sshd: orion@notty
But this is after login. I'm not sure there's a good way to tell what
it is before the login completes though - unless the error messages
indicate that it is running in s0.
How can I make sure that it is running at SystemLow-SystemHigh to
start with? Get the SGE daemons running in that mode so that children
inherit that?
Or setup a transition from the SGE Daemons to sshd_t:s0-SystemHigh
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
