On Fri, 2006-09-08 at 14:47 -0500, Michael C Thompson wrote: > Stephen Smalley wrote: > > On Fri, 2006-09-08 at 14:28 -0500, Michael C Thompson wrote: > >> Daniel J Walsh wrote: > >>> Michael C Thompson wrote: > >>>> Hey all, > >>>> > >>>> It seems that ssh is unable to add entries to known_hosts for the root > >>>> user as sysadm_t. Is this a known issue? And if so, who can add > >>>> entries to /root/.ssh/known_hosts ? > >>>> > >>>> Thanks, > >>>> Mike > >>>> > >>> This works for me. How is the file labeled? > >> # ls -alZ /root/.ssh > >> drwx------ root root root:object_r:user_home_ssh_t:SystemLow . > >> drwxr-x--- root root > >> root:object_r:sysadm_home_dir_t:SystemLow-SystemHigh .. > >> -rw------- root root root:object_r:bin_t:SystemLow id_rsa > >> -rw-r--r-- root root root:object_r:bin_t:SystemLow id_rsa.pub > >> -rw-r--r-- root root root:object_r:user_home_ssh_t:SystemLow known_hosts > > > > /sbin/restorecon -R /root/.ssh > > I have relabeled this system numerous times with touch /.autorelabel... > why wasn't this picked up?
Not sure, not a big fan of autorelabeling myself. Is /home on a separate partition? Would it be mounted when the relabel runs from rc.sysinit? -- Stephen Smalley National Security Agency -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
