Am Sa, den 05.11.2005 schrieb Nicolas Mailhot um 10:41: > Hi, > > Following a thread on the fedora-extra list about which tool in FE > should be used to protect against sshd brute-force attacks I installed > pam_abl on my fedora devel box. Pam_abl is a security module that checks > every login attempt against user and host blacklists, and automatically > fill these lists after too frequent login failures. > > Unfortunately it seems the devel security policies are not nice to > pam_abl, so it doesn't work : > > Nov 5 10:27:02 rousalka pam_abl[3917]: Permission denied (13) while > opening or creating database > > I've posted the relevant details (full audit logs...) in > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172496 > > Could someone more qualified than me take a peek at them ? Sorry that I am not helpful at this stage. Just want to show I am following both the bugzilla ticket as well hopefully upcoming qualified discussion by the SELinux gurus, as being the FE package maintainer of pam_abl. What I would like to know - besides resolving the ticketed problem - is whether such kind of packages from Fedora Extras will have to carry policy modifications / adds themselves or whether approved FE packages should come up with Core policy package adjustments. Regards Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp Serendipity 04:20:26 up 8 days, 2:20, load average: 1.82, 1.53, 1.24
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
