Re: SSH issue : ssh_selinux_copy_context: setcon failed with Invalid argument

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Miroslav,

Thanks for the prompt response.

I do not see a specialuser_u file at the location you specified.

All I see are the following

drwxr-xr-x. 2 root root 4096 Feb  4 13:55 .
drwxr-xr-x. 4 root root 4096 Mar  5 12:19 ..
-rw-r--r--. 1 root root  253 Nov  9  2011 guest_u
-rw-r--r--. 1 root root  389 Nov  9  2011 root
-rw-r--r--. 1 root root  514 Nov  9  2011 staff_u
-rw-r--r--. 1 root root  578 Nov  9  2011 unconfined_u
-rw-r--r--. 1 root root  353 Nov  9  2011 user_u
-rw-r--r--. 1 root root  307 Nov  9  2011 xguest_u

And here are the versions of the selinux-policy rpm.
[root@den-ccm-pub users]# rpm -qa | grep selinux-policy
selinux-policy-targeted-3.7.19-126.el6.noarch
selinux-policy-3.7.19-126.el6.noarch

Thanks,
Anamitra




On 3/19/13 6:10 AM, "Miroslav Grepl" <mgrepl@xxxxxxxxxx> wrote:

>On 03/19/2013 09:57 AM, Dominick Grift wrote:
>> On Tue, 2013-03-19 at 07:19 +0000, Anamitra Dutta Majumdar (anmajumd)
>> wrote:
>>> When trying to perform an sftp operation we encounter a failure even in
>>> permissive mode. The syslogs during the failure are as follows
>>> Is this a known issue?
>>>
>>> Thanks,
>>> Anamitra
>>>
>> This seems to be a default_context/pam issue.
>>
>> Pam and SSH are not able to determine the login context for your user it
>> seems.
>>
>> Did you create a /etc/selinux/targeted/context/users/specialuser_u file
>> with the appropriate default contexts?
>Yes, how does this file look?
>
>Also what does
>
># rpm -q selinux-policy
>>
>> On a slightly unrelated note:
>>
>> It seems that the chroot/sftp functionality is broken.
>>
>> One no longer logs in as chroot_user_t. Either this has changed or its
>> broken.
>>
>> If it has changed then why is there still policy for chroot_user_t?
>>
>>>
>>>
>>>
>>> --
>>> selinux mailing list
>>> selinux@xxxxxxxxxxxxxxxxxxxxxxx
>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>
>> --
>> selinux mailing list
>> selinux@xxxxxxxxxxxxxxxxxxxxxxx
>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux