From: justinmattock@gmail.com (Justin Mattock) Date: Mon, 8 Sep 2008 13:39:45 -0700 Subject: [refpolicy] Cannot use SSH with Refpolicy in Ubuntu Hardy In-Reply-To: <20080908062558.GA17624@bobek.pm.i.cz> References: <20080908062558.GA17624@bobek.pm.i.cz> Message-ID: To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Sun, Sep 7, 2008 at 11:25 PM, V?clav Ovs?k wrote: > On Sat, Sep 06, 2008 at 10:57:26PM -0400, Hong wrote: >> Thanks for your reply, Justin. >> >> I just changed the line `SELINUX=enforcing` to `SELINUX=permissive` and >> reboot the system. >> >> After reboot, I checked `getenforce` and it returned `permissive`. >> >> But still I cannot ssh to the machine remotely... >> After each try with a correct password, /var/log/message doesn't grow but >> /var/log/audit/audit.log grows with one line. >> If I tried with an incorrect password, neither of the two log files changed. > > Did you relabel file-system? > If you have some SE Linux problem (denials), sshd may fail even in > permissive mode, because it is SE Linux aware application and it can > choose different code flow with SE Linux enabled. Running the system in > permissive mode is not the same as running the system with SE Linux > switched off. I observed this sshd problem too. > Regards > -- > Zito > I wondering if he disabled SELinux completly, just to isolate the issue. -- Justin P. Mattock