From: kindloaf@gmail.com (Hong) Date: Sat, 6 Sep 2008 20:36:07 -0400 Subject: [refpolicy] Cannot use SSH with Refpolicy in Ubuntu Hardy Message-ID: To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Hi, I downloaded the source of refpolicy in Hardy. (`apt-get source refpolicy`). I compiled the policy and loaded it. And then I reboot the system with PERMISSIVE mode. (add `enforcing=0` in the kernel options when booting) Now I cannot login the system remotely using ssh. Note that the system is in PERMISSIVE mode! (`getenforce` returns `Permissive`). Everytime I tried `ssh my_host_name` and enter the correct password, the client side shows "Read from remote host my_host_name: Connection reset by peer Connection to my_host_name." And after each unsuccessful login, the /var/log/audit/audit.log file on the server added a line: "type=ANOM_ABEND msg=audit(1220746818.492:93): audit=4294967295 uid=1000 gid=1000 subj=system_u:system_r:sysadm_t pid=4713 comm="sshd" sig=6" By the way, when I use `make load` to load the policy, there is a one-line error message '[19691.816572] secuirty; context system-u;system-r;sysadm-mail-t is invalid' I am not quite familiar with the messages. Can anyone help me to see what's going? Thanks, Hong -------------- next part -------------- An HTML attachment was scrubbed... URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20080906/5de1a6e1/attachment.html