On Tue, Apr 21, 2009 at 7:13 AM, Justin Mattock <justinmattock@xxxxxxxxx> wrote: > On Tue, Apr 21, 2009 at 4:53 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: >> On Mon, 2009-04-20 at 16:10 -0700, Justin Mattock wrote: >>> quick question: >>> Is there a way to configure pam.d/* >>> for a one time password for the session, so when I use newrole >>> I don't have to give a password each time? >>> >>> The reason for this is, is I'm trying to >>> configure all of my apps in the menu bar of >>> fluxbox, so when I click on any app in there >>> the app will automatically open in the specified role. >>> (rather than opening a terminal etc...) >> >> You can use /etc/selinux/newrole_pam.conf to specify a different pam >> configuration for specific applications. >> >> -- >> Stephen Smalley >> National Security Agency >> >> > > hmm... weird, I'm must have built > pam/shadow wrong(not reading > /etc/selinux/newrole_pam.conf > In any case I'll try and see If I can get away > with having nothing in the file(or look for something > that's responsible for taking the original session paswd > and remembering it for the rest of the session) > > This way it makes life easier, > > -- > Justin P. Mattock > After looking at my situation, I seem to be stuck at how/or why newrole is not reading /etc/selinux/newrole_pam.conf. (all development headers are there) seems it's going directly to /etc/pam.d/newrole, instead of /etc/selinux/* Also is there something new with newrole having to have libprelude in order to install? -- Justin P. Mattock -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
