Orion Poplawski wrote:
Daniel J Walsh wrote:
> What context is your sshd running under?
> Normal sshd runs under
>
> system_u:system_r:sshd_t:SystemLow-SystemHigh
>
> I think you might be having a problem if you sshd is only running at
> s0 and trying to log people in at
> SystemLow-SystemHigh.
Well, in permissive mode it ends up like:
root:system_r:unconfined_t:SystemLow-SystemHigh orion 7737 7732 0
13:45 ? 00:00:00 sshd: orion@notty
But this is after login. I'm not sure there's a good way to tell what
it is before the login completes though - unless the error messages
indicate that it is running in s0.
How can I make sure that it is running at SystemLow-SystemHigh to
start with? Get the SGE daemons running in that mode so that children
inherit that?
Or setup a transition from the SGE Daemons to sshd_t:s0-SystemHigh