Russell Coker wrote:
On Saturday 23 August 2008 06:29, Vikram Ambrose
<Vikram.Ambrose@xxxxxxxxxxxxx> wrote:
I've been messing around with various modules and installations and I've
come across a strange PAM problem. Without any SELinux support in
pam.d/login, root's shell gets system_r:local_login_t
Yes, ages ago it was decided not to maintain patches for the various terminal
login programs and to instead use a PAM module.
But then using: pam_selinux.so close/open, root's shell gets
root:staff_r:system_chkpwd_t
I think that was a policy bug, it's fixed if you use all the latest versions.
What version of the policy is running on the machines in question?
Strange, that box is running the latest. Refpolicy svn-2787 and Selinux
svn-2950
Could you tell me a little more about that bug, and how it came about?
Vikram
--
Vikram Ambrose | Linux Products Division | WindRiver Corporation
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
