Displaying 3 results from an estimated 3 matches for "get_default_context".
2011 Oct 24
1
problem using sshd inside a LXC container
Currently I have a RH6.1 host with selinux enabled
On this I am running a LXC container with ubuntu (without selinux) with
OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009
when I try to do a ssh connection to the lxc container I get :
...
debug1: Next authentication method: password
root at 192.168.2.11's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new
2011 Dec 13
5
[Bug 1960] New: Running sshd in wrong SELinux context causes segmentation fault when a user logs in
...n the wrong context (for instance kernel_t) a
logon of a user through SSH causes the session to terminate abruptly
due to a segmentation fault.
This is caused by not initializing the local variable "sc" in the
openbsd-compat/port-linux.c::ssh_selinux_getctxbyname() function. The
call to get_default_context() will result in the return code -1, but
"sc" is left untouched (and thus not a valid security_context_t
instance). Later in the function, "sc" is returned to the calling
function (which is ssh_selinux_setup_exec_context) which tries to free
the context through freecon(user_ctx)...
2004 Sep 07
0
Please review openssh patch for selinux
...nux/flask.h>
+#include <selinux/context.h>
+#include <selinux/get_context_list.h>
+#include <selinux/get_default_type.h>
+extern Authctxt *the_authctxt;
+
+static const security_context_t selinux_get_user_context(const char *name) {
+ security_context_t user_context=NULL;
+ if (get_default_context(name,NULL,&user_context)) {
+ if (security_getenforce() > 0)
+ fatal("Failed to get default security context for %s.", name);
+ else
+ error("Failed to get default security context for %s. Continuing in permissve mode", name);
+ } else {
+ if (the_authctxt) {
+...