On Thu, Sep 11, 2008 at 02:01:08PM -0700, Justin Mattock wrote: >... > appologize for the latency with getting back to you; > you might have the ssh version from sid, if so > do /etc/init.d/ssh stop and start if you notice [fail] then thats the issue, > esspecially if people are booting up and not even manually starting the daemon. > As for the policy and ssh I'm in the process of > having two machines in full enforcing mode, having the ability > to do a ssh transaction(need to configure some things); As well > as vncviewer, and shoutcast; all with ipsec. (AH and ESP) > right now I've been able to run all three applications on the machine > that is in full enforcement, but it seems im having issues with ipsec > and shoutcast. > on the server side. > I'll get back to you on this. > > -- > Justin P. Mattock I just reported the bug in sshd http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498684 This is upstream OpenSSH problem too. On Fri, Sep 12, 2008 at 10:09:32AM +0200, David Härdeman wrote: > On Thu, September 11, 2008 14:50, Václav Ovsík wrote: > > Conclusion: Running SE Linux in permissive mode can't prevent you from > > all SE Linux problems every time! (in most cases yes of course :) > > Another example of that is that dbus seems to do SELinux permission checks > even after permissive mode is enabled. > > -- > David Härdeman It should be reported if it is true, IMO. Regards -- Zito -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.