Bug ID 1195904
Summary SELinux: targeted: ssh violation
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.3
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Basesystem
Assignee screening-team-bugs@suse.de
Reporter okir@suse.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

The following happens with the SELinux packages from MicroOS 5.1 on SLES15SP3.
User "testuser" has been assigned SELinux user user_u and attempts to log in
via ssh, using key authentication

TEST: verify that the SSH key we generated can be used for authentication
== Authorizing ssh key id_rsa ==
client: echo $HOME; user=testuser
client: downloading /home/testuser/.ssh/id_rsa.pub
server: mkdir -m 0755 -p ~/.ssh; user=testuser
server: uploading data to /home/testuser/.ssh/authorized_keys
client: ssh -oStrictHostKeyChecking=no server true; user=testuser
Warning: Permanently added 'server,192.168.121.205' (ECDSA) to the list of
known hosts.
Failing: server: SELinux policy violation
server:   by systemd (pid=4281; context=user_u:user_r:user_t:s0; permissive=1)
server:     create access to dir inaccessible (dev=None; ino=None;
context=system_u:object_r:user_tmp_t:s0)
server:     create access to file reg (dev=None; ino=None;
context=system_u:object_r:user_tmp_t:s0)
server:     create access to fifo_file fifo (dev=None; ino=None;
context=system_u:object_r:user_tmp_t:s0)
server:     create access to sock_file sock (dev=None; ino=None;
context=system_u:object_r:user_tmp_t:s0)
server:     create access to lnk_file .#invocation:dbus.socketbf6abda56b666fe5
(dev=None; ino=None; context=system_u:object_r:user_tmp_t:s0)
OK, RSA key authentication seems to work
FAIL: server: SELinux policy violation

You are receiving this mail because: