On Thu, 07.07.11 16:52, Daniel J Walsh ([email protected]) wrote: > >> This has a nasty consequence of breaking logins: > >> Jul 7 22:17:05 fedora-15 sshd[14261]: Accepted publickey for zbyszek from > >> 192.168.122.1 port 51205 ssh2 > >> Jul 7 20:17:05 fedora-15 sshd[14262]: fatal: mm_request_receive: read: > >> Connection reset by peer > >> Jul 7 22:17:05 fedora-15 sshd[14261]: pam_selinux(sshd:session): > >> conversation failed > >> Jul 7 22:17:05 fedora-15 sshd[14261]: pam_selinux(sshd:session): No > >> response to query: Would you like to enter a security context? [N] > >> Jul 7 22:17:05 fedora-15 sshd[14261]: pam_selinux(sshd:session): Unable > >> to get valid context for zbyszek > >> Jul 7 22:17:05 fedora-15 sshd[14261]: pam_unix(sshd:session): session > >> opened for user zbyszek by (uid=0) > >> Jul 7 22:17:05 fedora-15 sshd[14261]: error: PAM: pam_open_session(): > >> Authentication failure > >> Jul 7 22:17:05 fedora-15 sshd[14264]: Received disconnect from > >> 192.168.122.1: 11: disconnected by user > >> > >> In case of a login on a tty, the question about a security context > >> is displayed on the screen. In case of ssh login, if just fails > >> without any message displayed on the remote side. > > > > Newer versions of libselinux detect if /selinux is read-only and consider > > selinux disabled if it is. > > > Do I need to back port this to F15?
I see no immediate need as nspawn is still very new and this isn't a regression. That said I am sure Zbigniew would be thankful? Zbigniew? Lennart -- Lennart Poettering - Red Hat, Inc. _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
