http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=556644 I have just filed the above bug report against the version of openssh-server in Debian/Unstable (Squeeze). It has a patch that moves the code to set the SE Linux context for the child process before calling chroot. The same will be needed in Fedora if it's not there yet. deb http://www.coker.com.au squeeze selinux I've created the above APT repository for Squeeze which has a package that fixes this bug. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498684 The above bug report has a fix for a trivial uninitialised variable bug. Has this been fixed in Fedora yet? http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=556648 Also I filed the above bug report about the internal version of sftp being incompatible with SE Linux (it doesn't involve an exec so the context doesn't change). -- russell@xxxxxxxxxxxx http://etbe.coker.com.au/ My Main Blog http://doc.coker.com.au/ My Documents Blog -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
