From: kindloaf@gmail.com (Hong)
Date: Sat, 6 Sep 2008 20:36:07 -0400
Subject: [refpolicy] Cannot use SSH with Refpolicy in Ubuntu Hardy
Message-ID: <f00ed96d0809061736x73650e80s159ab2d5f2309cc2@mail.gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hi,

I downloaded the source of refpolicy in Hardy.  (`apt-get source
refpolicy`).  I compiled the policy and loaded it.  And then I reboot the
system with PERMISSIVE mode.  (add `enforcing=0` in the kernel options when
booting)

Now I cannot login the system remotely using ssh.  Note that the system is
in PERMISSIVE mode! (`getenforce` returns `Permissive`).  Everytime I tried
`ssh my_host_name` and enter the correct password, the client side shows
"Read from remote host my_host_name: Connection reset by peer
Connection to my_host_name."

And after each unsuccessful login, the /var/log/audit/audit.log file on the
server   added a line:
"type=ANOM_ABEND msg=audit(1220746818.492:93): audit=4294967295 uid=1000
gid=1000 subj=system_u:system_r:sysadm_t pid=4713 comm="sshd" sig=6"

By the way, when I use `make load` to load the policy, there is a one-line
error message
'[19691.816572] secuirty; context system-u;system-r;sysadm-mail-t is
invalid'

I am not quite familiar with the messages.  Can anyone help me to see what's
going?


Thanks,
Hong
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20080906/5de1a6e1/attachment.html