Selinux On Ubuntu Server

Hi All,

Please can someone assist me with this? I enabled SELinux on an Ubuntu 14.04 server and it's disabling SSH remote login for all users, including root.

From the ssh terminal I get the following error:

ssh root@192.168.x.x
Last login: Wed Mar 25 12:39:02 2015 from 192.168.x.x
/bin/bash: Permission denied
Connection to 192.168.211.135 closed.


tail /var/log/auth.log

ubuntu sshd[1640]: Accepted password for root from 192.168.x.x port 51082 ssh2

ubuntu sshd[1642]: Accepted password for root from 192.168.x.x port 51089 ssh2

ubunt sshd[1640]: Received disconnect from 192.168.x.x: disconnected by user

audit2allow --all

sshd_t

This avc is a constraint violation. you would need to modify the attribute of either the source or target types to allow this access.

possible cause is the source user (system_u) and target user (unconfined_u) are different.

possible cause is the source role (system_r) and target role (unconfined_r) are different.

possible cause is the source level (s0) and target level (s0-s0:c0.c255) are different.

allow sshd_t unconfined_t:process transition.

Please, how can I make these changes take effect?

Thanks in advance.
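The following added example (not part of the original post, and not audit2allow's own code) mirrors the reasoning in the audit2allow output above: it parses an AVC denial, derives the type-enforcement rule, and lists which of the user, role and level fields differ between source and target. The AVC record is constructed around the two contexts named in the post; the function names are hypothetical.

```python
import re

# Constructed AVC record; only the two contexts come from the audit2allow
# output in the post. pid, inode, device and timestamp are made up.
SAMPLE_AVC = (
    'type=AVC msg=audit(1427280000.000:99): avc:  denied  { transition } for '
    'pid=1000 comm="sshd" path="/bin/bash" dev="sda1" ino=1234 '
    'scontext=system_u:system_r:sshd_t:s0 '
    'tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c255 '
    'tclass=process'
)

AVC_RE = re.compile(
    r'avc:\s+denied\s+\{\s*(?P<perms>[^}]+?)\s*\}.*?'
    r'scontext=(?P<scontext>\S+)\s+tcontext=(?P<tcontext>\S+)\s+'
    r'tclass=(?P<tclass>\S+)'
)

def split_context(ctx):
    """Split user:role:type[:level]; an MLS level may itself contain ':'."""
    user, role, type_, *level = ctx.split(':', 3)
    return {'user': user, 'role': role, 'type': type_,
            'level': level[0] if level else ''}

def explain_denial(line):
    """Return the TE rule the denial maps to plus the context fields that
    differ, which are the candidates for a constraint violation."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    src, tgt = split_context(m['scontext']), split_context(m['tcontext'])
    perms = m['perms'].split()
    perm_text = perms[0] if len(perms) == 1 else '{ ' + ' '.join(perms) + ' }'
    return {
        'te_rule': f"allow {src['type']} {tgt['type']}:{m['tclass']} {perm_text};",
        'differs': {f: (src[f], tgt[f])
                    for f in ('user', 'role', 'level') if src[f] != tgt[f]},
    }

if __name__ == '__main__':
    result = explain_denial(SAMPLE_AVC)
    print(result['te_rule'])
    for field, (s, t) in result['differs'].items():
        print(f'source {field} ({s}) != target {field} ({t})')
```

The three differing fields are the same ones audit2allow lists as possible causes of the constraint violation.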


Similar Content



Wrong Incoming Ssh Ports In /var/log/auth.log ?

Hello,
I am using my raspberry pi with Linux 3.18+ installed. I changed the default ssh port from 22 to 16022. This is my sshd_config file:
Code:
# Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
#Port 22
Port 16022
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2

PAM auth is disabled and I only log in using a password. Now, I checked the authentication log file: /var/log/auth.log. This is a snippet of what it contains:
Quote:
Apr 23 23:44:55 raspberrypi sshd[6473]: Accepted password for pi from 50.252.93.50 port 51978 ssh2
Apr 23 23:52:22 raspberrypi sshd[6477]: Received disconnect from 50.252.93.50: 11: Normal Shutdown
May 5 01:51:02 raspberrypi sshd[4551]: Accepted password for pi from 50.153.109.28 port 30222 ssh
May 5 09:43:47 raspberrypi sshd[6033]: Accepted password for pi from 50.153.110.150 port 21551 ssh2
May 5 09:43:53 raspberrypi sshd[6039]: Received disconnect from 50.153.110.150: 11: Normal Shutdown
May 5 14:09:23 raspberrypi sshd[6783]: Accepted password for pi from 50.153.109.23 port 28684 ssh
May 5 14:32:43 raspberrypi sshd[7008]: Accepted password for pi from 50.153.109.23 port 28689 ssh
May 5 14:37:21 raspberrypi sshd[7014]: Received disconnect from 50.153.109.23: 11: Normal Shutdow
May 8 02:01:41 raspberrypi sshd[24468]: Accepted password for pi from 50.153.110.150 port 30862 ssh2
How is this possible? Why is it showing these random ports for ssh?

This is what 'sudo netstat -nlp' gives:
Code:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      7923/0
tcp        0      0 0.0.0.0:16022           0.0.0.0:*               LISTEN      2501/sshd
udp        0      0 0.0.0.0:37851           0.0.0.0:*                           2019/dhclient
udp        0      0 0.0.0.0:68              0.0.0.0:*                           2192/dhclient
udp        0      0 0.0.0.0:68              0.0.0.0:*                           2019/dhclient
udp        0      0 192.168.1.82:123        0.0.0.0:*                           2419/ntpd
udp        0      0 192.168.1.78:123        0.0.0.0:*                           2419/ntpd
udp        0      0 127.0.0.1:123           0.0.0.0:*                           2419/ntpd
udp        0      0 0.0.0.0:123             0.0.0.0:*                           2419/ntpd
udp        0      0 0.0.0.0:44953           0.0.0.0:*                           2192/dhclient
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name    Path
unix  2      [ ACC ]     SEQPACKET  LISTENING     3880     168/udevd           /run/udev/control
unix  2      [ ACC ]     STREAM     LISTENING     8018     2341/dbus-daemon    /var/run/dbus/system_bus_socket

Plus, I am accessing my machine from outside my home network. My router is configured to block all ports, except 16022, whose tcp traffic is forwarded to my raspberry pi. So I don't understand why the log file has these weird ports listed.
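In sshd's `Accepted password ... from <address> port <n>` lines, the port is the TCP source port on the connecting client's side; the port sshd listens on does not appear in them. The added example below (not part of the original post) parses lines of this shape and groups successful logins by client address for review. The log lines are constructed with documentation-range addresses, and the function names are hypothetical.

```python
import re
from collections import defaultdict

LISTEN_PORT = 16022  # the "Port" value from the sshd_config quoted in the post

# Constructed lines in the same shape as the post's auth.log excerpt
# (documentation-range addresses, not the poster's).
AUTH_LOG = """\
Apr 23 23:44:55 raspberrypi sshd[6473]: Accepted password for pi from 203.0.113.50 port 51978 ssh2
Apr 23 23:52:22 raspberrypi sshd[6477]: Received disconnect from 203.0.113.50: 11: Normal Shutdown
May  5 01:51:02 raspberrypi sshd[4551]: Accepted password for pi from 198.51.100.28 port 30222 ssh2
May  5 14:09:23 raspberrypi sshd[6783]: Accepted password for pi from 198.51.100.23 port 28684 ssh2
May  5 14:32:43 raspberrypi sshd[7008]: Accepted password for pi from 198.51.100.23 port 28689 ssh2
"""

ACCEPTED_RE = re.compile(
    r"sshd\[\d+\]: Accepted (?P<method>\S+) for (?P<user>\S+) "
    r"from (?P<ip>\S+) port (?P<port>\d+)"
)

def accepted_logins(text):
    """Return one record per successful login; client_port is the client's source port."""
    records = []
    for line in text.splitlines():
        m = ACCEPTED_RE.search(line)
        if m:
            records.append({"user": m["user"], "method": m["method"],
                            "ip": m["ip"], "client_port": int(m["port"])})
    return records

def summarise_by_source(text, listen_port):
    """Group successful logins by client address for review."""
    summary = defaultdict(lambda: {"logins": 0, "client_ports": []})
    for rec in accepted_logins(text):
        entry = summary[rec["ip"]]
        entry["logins"] += 1
        entry["client_ports"].append(rec["client_port"])
    for entry in summary.values():
        # The listening port is not logged in these lines, so a match here
        # would only be a coincidence of the client's port choice.
        entry["uses_listen_port"] = listen_port in entry["client_ports"]
    return dict(summary)

if __name__ == "__main__":
    for ip, info in summarise_by_source(AUTH_LOG, LISTEN_PORT).items():
        print(ip, info)
```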

Iptables --policy (login Slow)

Dear all,

This is my current iptables (with default policy = Accept) and no rules.
Code:
[root@racnode1 ~]# iptables -L -v
Chain INPUT (policy ACCEPT 77072 packets, 7890K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 70306 packets, 129M bytes)
 pkts bytes target     prot opt in     out     source               destination         
[root@racnode1 ~]#

I have decided to allow only incoming network connection from my own subnet and hence

Code:
[root@racnode1 ~]# iptables -A INPUT -s 192.168.0.0/24 -j ACCEPT
[root@racnode1 ~]# iptables -L -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  178  9055 ACCEPT     all  --  any    any     192.168.0.0/24       anywhere            

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 186 packets, 316K bytes)
 pkts bytes target     prot opt in     out     source               destination         
[root@racnode1 ~]#

Noted that my default policy is still ACCEPT, hence I

Code:
[root@racnode1 ~]# iptables --policy INPUT DROP

===============================================================

Upon this, I have 2 issues

a) My iptables -L -v command can't display fully; I am stuck at the output below

Quote:
[root@racnode1 ~]# iptables -L -v
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

b) My ssh login is very slow

Quote:
login as: root
-- waited quite sometime before prompting me for password
===============================================================

If I revert the INPUT policy to ACCEPT, then everything is fine as normal.

Why ?

Thanks, and I look forward to your advice.

Regards,
Noob ;(

Cannot Get Root To Work

I have been getting permission denied issues when trying to log in as root. I have set my password, and when I type su - root and enter my password I keep getting either password incorrect, when I know I am typing it in correctly, or access permission denied from su. Can anyone explain what I am doing wrong? I am trying to get into /etc/passwd for a homework assignment and I get permission denied when logged in as my user. Any help will be great. I have in the past been able to log in to root but now I can't seem to get into it. This is a new install of Ubuntu 14

New Password Not Working In Software Centre.

Hi, I forgot my password so went into root to change it.

From grub menu, Ubuntu : advanced options : ubuntu recovery : network : root

input passwd then typed in a new password and re-entered password. rebooted.

Tried to uninstall Firefox from software centre but the new password was not accepted for authentication.

Could anyone advise what the problem could be or suggest what I may have done wrong. The password appeared to be accepted ok in root. Thanks

Centos 7 - X11 Forwarding

I've read quite a few articles on this now and I still don't seem to be able to do this so am hoping someone can tell me where I am going wrong...

Background:-
Centos v7 running in a VM
Cygwin installed on the desktop (fresh install)

I have amended the sshd_config on the VM to :-
X11Forwarding yes
X11UseLocalhost no
Disabled selinux and restarted the sshd daemon.

Within cygwin before making the connection I set:-
export DISPLAY=:0
Then run startxwin

Within Xwin.exe I run the following and get the error:-
$ ssh -XY root@192.168.246.130
root@192.168.247.131's password:
X11 forwarding request failed on channel 0
Last login: Tue Jun 2 20:40:44 2015 from 192.168.246.10

Is it something I'm missing?
I'll admit X11 is a weak area for me.

Systemd Starting Services

hi all

I am learning systemd and how to add new services as part of the LFS201 course and I have a question about the services:
Code:
Lab 4.2: Adding a New Startup Service with systemd
For example a very minimal file named
/etc/systemd/system/fake2.service:
[Unit]
Description=fake2
After=network.target
[Service]
ExecStart=/bin/echo I am starting the fake2 service
ExecStop=/bin/echo I am stopping the fake2 service
[Install]
WantedBy=multi-user.target

Code:
root@ubuntu:/etc/systemd/system# systemctl start fake.service
root@ubuntu:/etc/systemd/system# systemctl status fake.service
 fake.service - fake
   Loaded: loaded (/etc/systemd/system/fake.service; disabled; vendor preset: enabled)
   Active: inactive (dead)

May 16 11:41:05 ubuntu systemd[1]: Started fake.
May 16 11:41:05 ubuntu systemd[1]: Starting fake...
May 16 11:41:05 ubuntu echo[1798]: I am starting the fake2 service
May 16 11:41:05 ubuntu echo[1800]: I am stopping the fake2 service
root@ubuntu:/etc/systemd/system# ps aux | grep fake*
root      1809  0.0  0.0  13688  2272 pts/8    S+   11:41   0:00 grep --color=auto fake.service
root@ubuntu:/etc/systemd/system#

As you can see, the fake2 service is really only two lines. And when I grep for the service via ps I can't find it. I guess it is because it has finished running. I am wondering how I can change it so that I can keep it running?

thanks

File Transfer Through UART Between Linux Host And Embedded Linux Target

Hi,

I have a target board running embedded Linux, and a host PC that runs Ubuntu. I want to be able to transfer files from the host PC to the target board through the serial interface (something like: I have a terminal program on the host side that talks to the target, and I issue some command from the terminal to transfer a file to the target; the target receives the file and stores it in some RAM location for later). How can I do it?
I know how to do this using ymodem on the host terminal and loady on target's u-boot command prompt, but how can I do it when target is running Linux?

Thank you all,
Wei

Setting Root Password

Wow, I got my new Linux pc yesterday and it's very very fast. It's faster than my new MacBook.
So I go to the user account which also says administrator so I'm presuming that's the root owner?????? and I typed in my name and changed the password. The guy who sold it to me named the password user and the computer user. Yet when I go to the terminal my username and computer is still called user@user
How do I change the root password and computer name?

Slackware 14.0 - End User Changing Password Failed

Hi all,

I am a Slackware 14.0 user. Recently I faced a problem. As root I can change the password of one of my normal users (assume Peter). However, when I log in as Peter and try to change the password, the system does not allow me to renew my password.


root@slackwa /etc# ls -la | grep shadow
-rw-r----- 1 root shadow 9 Nov 29 2013 gshadow
-rw------- 1 root root 0 Jun 20 2013 gshadow-
-rw-r----- 1 root shadow 2272 Apr 12 22:44 shadow
-rw------- 1 root root 2274 Apr 12 21:40 shadow-
root@slackwa /etc# ls -la | grep passwd
-rw-r--r-- 1 root root 2362 Apr 12 12:58 passwd
-rw------- 1 root root 2306 Jan 8 17:38 passwd-
-rw-r--r-- 1 root root 2305 Aug 11 2014 passwd~


peter@slackwa ~$ which passwd
/usr/bin/passwd
peter@slackwa ~$ ls -la /usr/bin/passwd
-rws--x--x 1 root root 68725 Sep 14 2012 /usr/bin/passwd*

peter@slackwa ~$ passwd
Changing password for peter
Old password:
Incorrect password for peter.
The password for peter is unchanged.

One thing I can assure is that the password I input is correct. I have another Slackware 14 running on a Dell R410, but it does not have this problem.


Please kindly advise. Thank you.