Package: openssh Version: 1:5.1p1-5 Severity: important Hi!
I am afraid the bug still persists. The already attached (by Vaclav Ovsik) patch fixes the bug for me. To me the bug is important as it rendered remote access unusable. As far as "badly configured SE Linux" (from this bugs subject) is concerned, I am not aware of anything "bad" around here. I am SE Linux novice for shure, but I did not hack around much (only one pp added, not about ssh, made by audit2allow) and used only official debian documentation (the wiki about SE Linux: http://wiki.debian.org/SELinux, with Fedora Core FAQ). I am pretty shure that some or the other filesystems has been relabeled. Which type should /usr/sbin/sshd have, btw. Though the original post mentions some command to chcon the type of the sshd executeable, it makes no difference for my system (permissive state, see below) if I change that. The segmentation fault by sshd stays the same regardless whether you use file_t or bin_t. Last but not least this could be a seen as regression as I think debian bug #430838 might be quite the same thing in respect of the outcome (ssh login blocked). Of course the true cause was quite different with that bug. I just stumbled over the rating of "grave" which was used there. Anyway. Thanks for the patch! Please include upstream or in debian soon. Kind regards, Philipp -- SE Linux Information: SELinux status: enabled SELinuxfs mount: /selinux Current mode: permissive Mode from config file: permissive Policy version: 23 Policy from config file: default -- System Information: Debian Release: 5.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
