Login as each user to check:
ls -lZ /SCC/user/scc/.ssh/authorized_keys # sccadm
ls -lZ /PATCHES/sccupd/.ssh/authorized_keys # sccupd
ls -lZ /ora01/home/oracle/.ssh/authorized_keys # oracle
ls -lZ /U/user/scc/.ssh/authorized_keys # scc
ls -lZ /U5/user/scc/.ssh/authorized_keys # 5scc
ls -lZ /UT/user/scc/.ssh/authorized_keys # tscc
Example:
SCCLXAPP1:/# ls -lZ /U5/user/scc/.ssh
-rw-r-----. 1 5scc 5scc unconfined_u:object_r:ssh_home_t:s0 2984 Aug 3 01:38 authorized_keys
To correct:
As root user:
semanage fcontext -a -t ssh_home_t '/UT/user/scc/.ssh(/.*)?'
restorecon -RFvv /UT/user/scc/.ssh
You may also be able to run the Ansible script linux_hw_setup to correct.
ansible-playbook playbooks/install.yml --tags selinux
If there’s still some unlabeled files/ directories:
ls -lZ / | grep unlabeled
restorecon -vr /
SELinux - sccadm, sccupd, env users, and oracle users - context ssh_home_t
Symptoms: Occurs when running Vers2! Requires password, won’t work Also, could not ssh tscc@localhost
sccadm, sccupd, oracle, scc, 5scc, tscc, nscc, etc…
Login as each user to check: ls -lZ /SCC/user/scc/.ssh/authorized_keys # sccadm ls -lZ /PATCHES/sccupd/.ssh/authorized_keys # sccupd ls -lZ /ora01/home/oracle/.ssh/authorized_keys # oracle ls -lZ /U/user/scc/.ssh/authorized_keys # scc ls -lZ /U5/user/scc/.ssh/authorized_keys # 5scc ls -lZ /UT/user/scc/.ssh/authorized_keys # tscc
Example: SCCLXAPP1:/# ls -lZ /U5/user/scc/.ssh -rw-r-----. 1 5scc 5scc unconfined_u:object_r:ssh_home_t:s0 2984 Aug 3 01:38 authorized_keys
To correct: As root user: semanage fcontext -a -t ssh_home_t '/UT/user/scc/.ssh(/.*)?' restorecon -RFvv /UT/user/scc/.ssh
You may also be able to run the Ansible script linux_hw_setup to correct. ansible-playbook playbooks/install.yml --tags selinux
If there’s still some unlabeled files/ directories: ls -lZ / | grep unlabeled restorecon -vr /