On Sat, Sep 22, 2018 at 07:39:40PM +0200, Christian Göttsche wrote: > When I logout from my SELinux enabled machine, I get the following > error message: > > Sep 22 19:23:52 server02 sshd[23234]: syslogin_perform_logout: > logout() returned an error <--- > Sep 22 19:23:52 server02 sshd[23234]: Received disconnect from > <myclientip> port 53300:11: disconnected by user > Sep 22 19:23:52 server02 sshd[23234]: Disconnected from user root > <myclientip> port 53300 > Sep 22 19:23:52 server02 sshd[23234]: pam_unix(sshd:session): session > closed for user root > > Nothing seems to break but what's the cause of this?
Is it possible that the SELinux profile for sshd is denying it the ability to write to /var/run/utmp? (I think that's the path.) I don't use SELinux myself, but perhaps it has some debugging tools that would make it possible to see what accesses have been denied? > Maybe the error message > [https://sources.debian.org/src/openssh/1:7.8p1-1/loginrec.c/#L1433] > can be improved? Unfortunately logout() doesn't give sshd a way to get any more information that it could put in the error message; it just returns 1 on success and 0 on failure. -- Colin Watson [cjwat...@debian.org]
