[Bug 1195904] New: SELinux: targeted: ssh violation
https://bugzilla.suse.com/show_bug.cgi?id=1195904 Bug ID: 1195904 Summary: SELinux: targeted: ssh violation Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.3 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs@suse.de Reporter: okir@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- The following happens with the SELinux packages from MicroOS 5.1 on SLES15SP3. User "testuser" has been assigned SELinux user user_u and attempts to log in via ssh, using key authentication TEST: verify that the SSH key we generated can be used for authentication == Authorizing ssh key id_rsa == client: echo $HOME; user=testuser client: downloading /home/testuser/.ssh/id_rsa.pub server: mkdir -m 0755 -p ~/.ssh; user=testuser server: uploading data to /home/testuser/.ssh/authorized_keys client: ssh -oStrictHostKeyChecking=no server true; user=testuser Warning: Permanently added 'server,192.168.121.205' (ECDSA) to the list of known hosts. Failing: server: SELinux policy violation server: by systemd (pid=4281; context=user_u:user_r:user_t:s0; permissive=1) server: create access to dir inaccessible (dev=None; ino=None; context=system_u:object_r:user_tmp_t:s0) server: create access to file reg (dev=None; ino=None; context=system_u:object_r:user_tmp_t:s0) server: create access to fifo_file fifo (dev=None; ino=None; context=system_u:object_r:user_tmp_t:s0) server: create access to sock_file sock (dev=None; ino=None; context=system_u:object_r:user_tmp_t:s0) server: create access to lnk_file .#invocation:dbus.socketbf6abda56b666fe5 (dev=None; ino=None; context=system_u:object_r:user_tmp_t:s0) OK, RSA key authentication seems to work FAIL: server: SELinux policy violation -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195904
Olaf Kirch
https://bugzilla.suse.com/show_bug.cgi?id=1195904
Filippo Bonazzi
https://bugzilla.suse.com/show_bug.cgi?id=1195904
https://bugzilla.suse.com/show_bug.cgi?id=1195904#c1
Johannes Segitz
https://bugzilla.suse.com/show_bug.cgi?id=1195904
Filippo Bonazzi
https://bugzilla.suse.com/show_bug.cgi?id=1195904
https://bugzilla.suse.com/show_bug.cgi?id=1195904#c2
Johannes Segitz
participants (1)
-
bugzilla_noreply@suse.com