[ubuntu-hardened] Cannot use SSH with Refpolicy in Ubuntu Hardy

[Matt Anderson]

Hong wrote:
> I downloaded the source of refpolicy in Hardy.  (`apt-get source 
> refpolicy`).  I compiled the policy and loaded it.  And then I reboot 
> the system with PERMISSIVE mode.  (add `enforcing=0` in the kernel 
> options when booting)
> 
> Now I cannot login the system remotely using ssh.  Note that the system 
> is in PERMISSIVE mode! (`getenforce` returns `Permissive`).  Everytime I 
> tried `ssh my_host_name` and enter the correct password, the client side 
> shows
> "Read from remote host my_host_name: Connection reset by peer
> Connection to my_host_name."
> 
> And after each unsuccessful login, the /var/log/audit/audit.log file on 
> the server   added a line:
> "type=ANOM_ABEND msg=audit(1220746818.492:93): audit=4294967295 uid=1000 
> gid=1000 subj=system_u:system_r:sysadm_t pid=4713 comm="sshd" sig=6"

The way I read this is the sshd process ended with signal 6 which is 
Abort.  The type ANOM_ABEND I think decodes to Anomalous - Abnormal End.

> By the way, when I use `make load` to load the policy, there is a 
> one-line error message
> '[19691.816572] secuirty; context system-u;system-r;sysadm-mail-t is 
> invalid'

I suspect this is closer to where your problem lies.  For one, I'd 
expect underscores instead of dashes in the context.  I'd try removing 
and trying to rebuild and install the policy cleanly.  Is it possible to 
get a pre-built policy for Hardy?  It might be useful to see if the 
problem exists there as well.

-matt