Re: [PATCH 1/5] adding seadmin support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2013-11-12 at 19:20 +0100, Dominick Grift wrote:

> Also i cant get sepermit to work on Fedora 19 ( at least not with sshd
> (thats all i tried) 
> 
> even if i add the debug option to sepermit.so it still does not log a
> thing and my confined admin is able to login in permissive mode :(
> 

I tried it again, and it just seems messy. In /etc/pam.d/gdm-password
"pam_selinux-permit.so" i called, while everywhere else (including the
man page) its "pam_sepermit.so"

No matter what i try though, i cannot get it to work for sshd at least

Not sure if related to sepermit, but i was able to login without a
password in gdm when i had just the usename added
to /etc/security/sepermit.conf (no ":exclusive" appended)

So if it was sepermit allowing the user to login w/o a password then i
think that is probably wrong becuase AFAIK you need :exclusive to allow
password less logins.

None the less, things do not work for sshd, no matter what i trie, and
its not giving me any feedback even if i append debug.


--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux





[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux