On Saturday 23 August 2008 06:29, Vikram Ambrose <Vikram.Ambrose@xxxxxxxxxxxxx> wrote: > I've been messing around with various modules and installations and I've > come across a strange PAM problem. Without any SELinux support in > pam.d/login, root's shell gets system_r:local_login_t Yes, ages ago it was decided not to maintain patches for the various terminal login programs and to instead use a PAM module. > But then using: pam_selinux.so close/open, root's shell gets > root:staff_r:system_chkpwd_t I think that was a policy bug, it's fixed if you use all the latest versions. What version of the policy is running on the machines in question? -- russell@xxxxxxxxxxxx http://etbe.coker.com.au/ My Blog http://www.coker.com.au/sponsorship.html Sponsoring Free Software development -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
