-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Eric Vought, Technical Director wrote: | Eric Vought, Technical Director wrote: | | Satish Balay wrote: | | | On Wed, 2 Feb 2005, Eric Vought, Technical Director wrote: | | | | | | | | |>Symptoms: | | |>sshd rejects all users but one (my account) with "*user* rejected | | |>because not in AllowUsers". | | | | | | | | | Maybe not releated - but I thought I'd sugest anyway.. | | | | | | Once I had problem with adding new users with | | | 'system-config-users'. However I could add with 'adduser' - but ssh | | | whouldn't accept the passwd. | | | | | | The thing that resolved this issue for me was running | | | 'system-config-securitylevel' - in the 'Selinux' tab, disabling | | | Selinux - and then re-enabling it again. | | | | | | Satish | | | | | That's interesting ... it may be related. Does SELinux cache the inodes | | of configuration files? In other words, if I used an editor which does a | | create-and-rename for saving files, would sshd be rendered incapable of | | reading its own configuration? | | | Well, it looks like SELinux cannot be the problem. sshd is running | unconfined; it is not in the 'targetted' policy. | OK, the problem is that service sshd reload and service sshd restart are not working. They are SIGHUPping the wrong process IDs. I figured this out when I realized that not all of my ssh sessions were closing when I reloaded the configuration. The session which was closing was the one which was mistakenly shut down by service sshd reload/restart.
When I HUP the process myself, everything suddenly works.
- -- - -------------- Eric Vought
Technical Director, Diversity Ink Morgan Family Enterprises -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCAYmdGqlqMhx2Xb0RAugiAJ9kJN3oc+S9jFxyoPx5qawPIL0FtwCdHNHt XDtVnqoQZJKtSNGd9RrqYLQ= =0erO -----END PGP SIGNATURE-----
begin:vcard fn:Eric Vought n:Vought;Eric org:Diversity Ink adr;dom:;;;Republic;MO email;internet:evought@xxxxxxxxxxxxxxxx title:Technical Director x-mozilla-html:FALSE url:http://www.diversityink.com version:2.1 end:vcard
