Shellinabox
hi guys,
shellinabox, do you use it?
I in pretty vanilla setup get selinux denials and cannot login.
Selinux says:
#============= unconfined_service_t =============
#!!!! The file ‘/usr/bin/bash’ is mislabeled on your system.
#!!!! Fix with $ restorecon -R -v /usr/bin/bash allow unconfined_service_t unconfined_t:process transition;
but that does not seem right to me, to allow such a transition, right?
many thanks, L.
3 thoughts on - Shellinabox
audit2allow suggests to make a new module or restore /usr/bin/bash type context. Try to restore context first, in many cases it helps on
“vanilla” setup.
Anybody else? Anybody has gotten shellinabox working witout modification to SE policies?
I haven’t (it looks like a horribly insecure thing) but the source includes selinux policies:
https://github.com/shellinabox/shellinabox/tree/master/misc/selinux/shellinabox