1614 – ssh-copy-id doesn't seem to set correct selinux permissions

Bug 1614 - ssh-copy-id doesn't seem to set correct selinux permissions

Summary: ssh-copy-id doesn't seem to set correct selinux permissions

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	Miscellaneous (show other bugs)
Version:	5.2p1
Hardware:	Other Linux

Importance:	P2 normal
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:	1980
	Show dependency tree / graph

Reported:	2009-06-30 22:03 AEST by jchadima
Modified:	2013-03-22 12:02 AEDT (History)
CC List:	2 users (show)

See Also:

Attachments
patch solving the problem (689 bytes, patch) 2009-06-30 22:03 AEST, jchadima	no flags	Details \| Diff
Patch suitable for openssh-5.6p1 (2.25 KB, patch) 2010-09-03 23:15 AEST, jchadima	no flags	Details \| Diff
openssh-selinux-sshdir.patch (4.27 KB, patch) 2010-09-10 11:11 AEST, Darren Tucker	djm: ok+	Details \| Diff
Patch repaired for the SELinux environment without loaded rules (4.31 KB, patch) 2010-09-13 20:32 AEST, jchadima	no flags	Details \| Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description jchadima 2009-06-30 22:03:48 AEST

Created attachment 1655 [details]
patch solving the problem

Using ssh-copy-id to copy a ssh key to a new f11 host that has selinux enabled,
the authorized_keys file is created on the remote host with an incorrect
context.

Comment 1 jchadima 2010-09-03 23:15:10 AEST

Created attachment 1917 [details]
Patch suitable for openssh-5.6p1

Comment 2 Darren Tucker 2010-09-10 11:11:22 AEST

Created attachment 1922 [details]
openssh-selinux-sshdir.patch

equivalent patch that won't break every non-linux non-selinux platform.

Comment 3 Darren Tucker 2010-09-10 11:19:58 AEST

Comment on attachment 1922 [details]
openssh-selinux-sshdir.patch

why is this even necessary?

Comment 4 jchadima 2010-09-13 18:49:52 AEST

(In reply to comment #3)
> Comment on attachment 1922 [details]
> openssh-selinux-sshdir.patch
> 
> why is this even necessary?
because without it, the files/directories created are unaccessible for ssh/sshd on some installations.

Comment 5 jchadima 2010-09-13 20:32:33 AEST

Created attachment 1923 [details]
Patch repaired for the SELinux environment without loaded rules

Change patch to work correctly on SELinux environment without loaded SELinux rules.

Comment 6 Damien Miller 2013-02-08 10:40:16 AEDT

This is fixed in the proposed ssh-copy-id rewrite in bug #1980

Comment 7 Damien Miller 2013-03-22 12:02:01 AEDT

mark bugs closed by openssh-6.2 release as CLOSED