-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/01/2012 07:57 PM, Vadym Chepkov wrote:
> Hi,
>
> Not sure if it's a bug or a "feature"
>
> RHEL6.3 selinux-policy-targeted-3.7.19-155.el6_3.noarch
>
> was getting bunch of these:
>
> ---- time->Tue Jul 31 11:22:21 2012 type=SYSCALL
> msg=audit(1343733741.446:154): arch=c000003e syscall=2 success=no exit=-13
> a0=7f740329e7d0 a1=800 a2=1 a3=24 items=0 ppid=946 pid=1291 auid=4294967295
> uid=0 gid=0 euid=1001 suid=0 fsuid=1001 egid=513 sgid=0 fsgid=513
> tty=(none) ses=4294967295 comm="sshd" exe="/usr/sbin/sshd"
> subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null) type=AVC
> msg=audit(1343733741.446:154): avc: denied { read } for pid=1291
> comm="sshd" name="authorized_keys" dev=xvdb ino=3368578
> scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
> tcontext=unconfined_u:object_r:home_root_t:s0 tclass=file
>
> authorized_keys file didn't even exist for root user, it is not allowed to
> login remotely. Silenced it down by creating empty authorized_keys file
> with ssh_home_t context.
>
> Cheers, Vadym
>
> -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
More like a labeling problem.
restorecon -R -v /home
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAadmIACgkQrlYvE4MpobN2QQCdGBwDd/CdFIwTLll8gpj45iY5
ynsAoMvxQtMaWHI8Hz4gbU1wk/ZtbClg
=PurL
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
