Bug ID | 1195904 |
---|---|
Summary | SELinux: targeted: ssh violation |
Classification | openSUSE |
Product | openSUSE Distribution |
Version | Leap 15.3 |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Basesystem |
Assignee | screening-team-bugs@suse.de |
Reporter | okir@suse.com |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
The following happens with the SELinux packages from MicroOS 5.1 on SLES15SP3. User "testuser" has been assigned SELinux user user_u and attempts to log in via ssh, using key authentication TEST: verify that the SSH key we generated can be used for authentication == Authorizing ssh key id_rsa == client: echo $HOME; user=testuser client: downloading /home/testuser/.ssh/id_rsa.pub server: mkdir -m 0755 -p ~/.ssh; user=testuser server: uploading data to /home/testuser/.ssh/authorized_keys client: ssh -oStrictHostKeyChecking=no server true; user=testuser Warning: Permanently added 'server,192.168.121.205' (ECDSA) to the list of known hosts. Failing: server: SELinux policy violation server: by systemd (pid=4281; context=user_u:user_r:user_t:s0; permissive=1) server: create access to dir inaccessible (dev=None; ino=None; context=system_u:object_r:user_tmp_t:s0) server: create access to file reg (dev=None; ino=None; context=system_u:object_r:user_tmp_t:s0) server: create access to fifo_file fifo (dev=None; ino=None; context=system_u:object_r:user_tmp_t:s0) server: create access to sock_file sock (dev=None; ino=None; context=system_u:object_r:user_tmp_t:s0) server: create access to lnk_file .#invocation:dbus.socketbf6abda56b666fe5 (dev=None; ino=None; context=system_u:object_r:user_tmp_t:s0) OK, RSA key authentication seems to work FAIL: server: SELinux policy violation