More test data:
[EMAIL PROTECTED] ~]# ssh testuser/user_r/s2:[EMAIL PROTECTED] Password: Last login: Fri Jan 26 14:55:13 2007 from rheal3a.endicott.ibm.com -bash-3.1$ id uid=501(testuser) gid=501(testuser) groups=501(testuser) context=testuser_u:user_r:user_t:A -bash-3.1$ exit logout Connection to localhost closed. [EMAIL PROTECTED] ~]# ssh testuser/user_r/s2:[EMAIL PROTECTED] Password: Last login: Fri Jan 26 14:55:29 2007 from rheal3a.endicott.ibm.com -bash-3.1$ id uid=501(testuser) gid=501(testuser) groups=501(testuser) context=testuser_u:user_r:user_t:B -bash-3.1$ exit logout Connection to localhost closed. [EMAIL PROTECTED] ~]# ssh testuser/user_r/s2:[EMAIL PROTECTED] Password: Last login: Fri Jan 26 14:55:40 2007 from rheal3a.endicott.ibm.com -bash-3.1$ id uid=501(testuser) gid=501(testuser) groups=501(testuser) context=testuser_u:user_r:user_t:s2:c3 -bash-3.1$ quit -bash: quit: command not found -bash-3.1$ exit logout Connection to localhost closed. [EMAIL PROTECTED] ~]# ssh testuser/user_r/s2:[EMAIL PROTECTED] Password: Last login: Fri Jan 26 14:56:05 2007 from rheal3a.endicott.ibm.com -bash-3.1$ ls -bash-3.1$ id uid=501(testuser) gid=501(testuser) groups=501(testuser) context=testuser_u:user_r:user_t:s2:c2 -bash-3.1$ quit -bash: quit: command not found -bash-3.1$ exit logout Connection to localhost closed. [EMAIL PROTECTED] ~]# ssh testuser/user_r/s2:c2,[EMAIL PROTECTED] Password: Last login: Fri Jan 26 14:56:22 2007 from rheal3a.endicott.ibm.com -bash-3.1$ id uid=501(testuser) gid=501(testuser) groups=501(testuser) context=testuser_u:user_r:user_t:s2:c2,c3 -bash-3.1$ exit logout Connection to localhost closed. [EMAIL PROTECTED] ~]# On Fri, 2007-01-26 at 12:54 -0800, Kylene Jo Hall wrote: > More test data: > > ssh testuer/user_r/s#:c0,[EMAIL PROTECTED] works for every value of # between > 0 and 15 except 2. > > Thanks, > Kylie > > On Fri, 2007-01-26 at 21:27 +0100, Tomas Mraz wrote: > > On Fri, 2007-01-26 at 12:11 -0800, Kylene Jo Hall wrote: > > > I have been unable to ssh into an LSPP system with multiple categories. > > > > > > For example the following work: > > > ssh testuser/user_r/[EMAIL PROTECTED] > > > ssh testuser/user_r/s2:[EMAIL PROTECTED] > > > ssh testuser/user_r/s2:[EMAIL PROTECTED] > > > > > > But these do not: > > > ssh testuser/user_r/s2:[EMAIL PROTECTED] > > > ssh testuser/user_r/s2:c0,[EMAIL PROTECTED] > > > > > > Policy version: selinux-policy-mls-2.4.6-28.el5 > > > Kernel version: kernel-2.6.18-1.3015.2.1.el5.lspp.63 > > > > > > We have tested this on multiple architectures to no avail. Any > > > suggestions? > > Could you modify LogLevel in /etc/ssh/sshd_config to DEBUG3 and look > > into the /var/log/secure what messages are there when the login fails? > > -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
