From: vaclav.ovsik@i.cz (=?utf-8?Q?V=E1clav_Ovs=EDk?=) Date: Mon, 8 Sep 2008 08:25:58 +0200 Subject: [refpolicy] Cannot use SSH with Refpolicy in Ubuntu Hardy In-Reply-To: References: Message-ID: <20080908062558.GA17624@bobek.pm.i.cz> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Sat, Sep 06, 2008 at 10:57:26PM -0400, Hong wrote: > Thanks for your reply, Justin. > > I just changed the line `SELINUX=enforcing` to `SELINUX=permissive` and > reboot the system. > > After reboot, I checked `getenforce` and it returned `permissive`. > > But still I cannot ssh to the machine remotely... > After each try with a correct password, /var/log/message doesn't grow but > /var/log/audit/audit.log grows with one line. > If I tried with an incorrect password, neither of the two log files changed. Did you relabel file-system? If you have some SE Linux problem (denials), sshd may fail even in permissive mode, because it is SE Linux aware application and it can choose different code flow with SE Linux enabled. Running the system in permissive mode is not the same as running the system with SE Linux switched off. I observed this sshd problem too. Regards -- Zito