[DSE-Dev] Bug#690087: Can't reproduce with -13
Mika Pflüger
debian at mikapflueger.de
Thu Aug 8 13:31:07 UTC 2013
Hi,
I can't reproduce this bug. What I did:
* Install a fresh wheezy with task standard and openssh-server.
* apt-get install selinux-basics auditd
* selinux-activate; reboot; selinux-config-enforcing; reboot
* adduser unconf
* adduser conf
* semanage login -a -s user_u conf
Then semanage login -l shows:
Login Name SELinux User MLS/MCS Range
__default__ unconfined_u SystemLow-SystemHigh
conf user_u SystemLow
root unconfined_u SystemLow-SystemHigh
system_u system_u SystemLow-SystemHigh
Also, ps -eZ|grep sshd shows that sshd actually has categories:
LABEL PID TTY TIME CMD
system_u:system_r:sshd_t:s0-s0:c0.c1023 2585 ? 00:00:00 sshd
I can log in via ssh for both users, unconf and conf:
conf at setest:~$ id -Z
user_u:user_r:user_t:SystemLow
unconf at setest:~$ id -Z
unconfined_u:unconfined_r:unconfined_t:SystemLow-SystemHigh
Either the bug was fixed in the meantime or I don't understand where
the bug actually is.
Cheers,
Mika
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/selinux-devel/attachments/20130808/723cadfb/attachment.sig>
More information about the SELinux-devel
mailing list