su error message

[edcrown1]

Hi,
Running FC5 on a couple of servers. All was fine until the recent SSH2 upgrade. Since the upgrade, my users can no longer run su. I can log-in as root via SSH, but cannot execute su as a normal user.

The error in the message log is
kernel: audit(1166633353.814:277): avc: denied { execute } for pid=17320 comm="su" name="xauth" dev=dm-0 ino=13359914 scontext=system_u:system_r:initrc_su_t:s0 tcontext=system_u:object_r:xauth_exec_t:s0 tclass=file

This only occurs on FC5. Am I missing something obvious?

Greatly appreciate your help.

thanks,
Ed

[stoggy]

Thats a selinux permission violation. Selinux is keeping them from running the command su. This is probably a mess up on the fedora core maintainers part.

To check this you can go into the selinux setup (there is a gui app for this) disable selinux protection and try to run su if it works then you know selinux is causing the problem. The gui app is under System > Administration > Security Level and Firewall ... Then click on the selinux tab and set SElinux Setting to Disabled. If selinux is the problem, this happens a lot in fc ... try checking for new updates. Sometimes the fedora core maintainers release a fix to a package but dont update their policies until later so selinux breaks stuff until the new policies get installed.

[edcrown1]

Thanks for the info. You were correct on selinux being the issue. will look for the latest updates and read on creating new policies.

ed