[redhat-lspp] Wrong behaviour of run_init upon authentication
Glauber de Oliveira Costa
glommer at br.ibm.com
Wed Jun 7 17:38:15 UTC 2006
Hi folks,
I tried to run some system daemons trough the run_init utility, and got a
behaviour that I considered not exactly right.
While trying to shoot it from the following context:
[root at ltc01 ~]# id -Z
root:staff_r:staff_t:SystemLow-SystemHigh
I got this:
[root at ltc01 ~]# run_init /sbin/sshd
Authenticating root.
Password:
run_init: incorrect password for root
However, the password is typed carefully, and is surelly right. Audit messages
tell me more about what happened:
type=AVC msg=audit(1149576826.325:1676): avc: denied { setuid } for
pid=10669 comm="run_init" capability=7
scontext=root:staff_r:staff_t:s0-s15:c0.c255
tcontext=root:staff_r:staff_t:s0-s15:c0.c255 tclass=capability
type=SYSCALL msg=audit(1149576826.325:1676): arch=40000003 syscall=213
success=yes exit=0 a0=0 a1=64dff4 a2=0 a3=400 items=0 pid=10669 auid=0 uid=0
gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="run_init"
exe="/usr/sbin/run_init"
Since this is not at all a wrong password issue, this message seems to be
wrongly generated.
glauber.
More information about the redhat-lspp
mailing list