148639 – net-misc/openssh-4.3_p2-r3 in selinux environment fails

Bug 148639 - net-misc/openssh-4.3_p2-r3 in selinux environment fails

Summary: net-misc/openssh-4.3_p2-r3 in selinux environment fails

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Hardened (show other bugs)
Hardware:	x86 Linux

Importance:	High critical
Assignee:	Gentoo's Team for Core System packages

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-09-22 05:41 UTC by Alex K.
Modified:	2006-09-22 15:31 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
proposed fix (openssh.patch,1.22 KB, patch) 2006-09-22 05:48 UTC, petre rodan (RETIRED)	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alex K. 2006-09-22 05:41:34 UTC

From the gentoo-hardened mailing list:

>> Kernel: 2.6.16-hardened-r10
>> Policy version: 20
>> 
>>After upgrading net-misc/openssh-4.3_p2-r1 to net-misc/openssh-4.3_p2-r3 and
>>restarting the sshd daemon the login won't work anymore. It seems that ssh
>>doesn't switch the incoming user into the staff_r anymore and SE thows audits.
>
>true.
>both the selinux patch and the ebuild needs to be fixed.

Verified on 2005.1/x86/hardened using kernel-2.6.16-hardened-r11.

Comment 1 petre rodan (RETIRED) gentoo-dev

2006-09-22 05:48:16 UTC

Created attachment 97741 [details, diff]
proposed fix

Comment 2 SpanKY gentoo-dev

2006-09-22 15:31:55 UTC

should be fixed in 4.3_p2-r4