1 diff -urN openssh-3.7.1p2.org/session.c openssh-3.7.1p2/session.c
2 --- openssh-3.7.1p2.org/session.c 2004-01-05 14:23:20.406243719 +0100
3 +++ openssh-3.7.1p2/session.c 2004-01-05 14:31:01.863306724 +0100
4 @@ -1327,15 +1327,23 @@
5 if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
6 fatal("Failed to set uids to %u.", (u_int) pw->pw_uid);
8 - if (is_selinux_enabled()>0)
9 + if (is_selinux_enabled() > 0)
11 security_context_t scontext;
12 - if (get_default_context(pw->pw_name,NULL,&scontext))
13 - fatal("Failed to get default security context for %s.", pw->pw_name);
14 - if (setexeccon(scontext)) {
15 - fatal("Failed to set exec security context %s for %s.", scontext, pw->pw_name);
16 + if (get_default_context(pw->pw_name,NULL,&scontext)) {
17 + if (security_getenforce())
18 + fatal("Failed to get default security context for %s.", pw->pw_name);
20 + error("Failed to get default security context for %s (SELinux in permissive mode, continuing).", pw->pw_name);
22 + if (setexeccon(scontext)) {
23 + if (security_getenforce())
24 + fatal("Failed to set exec security context %s for %s.", scontext, pw->pw_name);
26 + error("Failed to set exec security context %s for %s (SELinux in permissive mode, continuing).", scontext, pw->pw_name);
34 diff -urN openssh-3.7.1p2.org/sshpty.c openssh-3.7.1p2/sshpty.c
35 --- openssh-3.7.1p2.org/sshpty.c 2004-01-05 14:23:20.667189473 +0100
36 +++ openssh-3.7.1p2/sshpty.c 2004-01-05 14:29:33.403698686 +0100
38 security_context_t new_tty_context=NULL,
39 user_context=NULL, old_tty_context=NULL;
41 - if (get_default_context(pw->pw_name,NULL,&user_context))
42 - fatal("Failed to get default security context for %s.", pw->pw_name);
43 + if (get_default_context(pw->pw_name,NULL,&user_context)) {
44 + if (security_getenforce())
45 + fatal("Failed to get default security context for %s.", pw->pw_name);
47 + error("Failed to get default security context for %s (SELinux in permissive mode, continuing).", pw->pw_name);
50 if (getfilecon(ttyname, &old_tty_context)<0) {
51 error("getfilecon(%.100s) failed: %.100s", ttyname,
53 freecon(old_tty_context);
55 freecon(user_context);
59 if (stat(ttyname, &st))