[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: polyinstantiation of the /tmp dir
- From: Tomas Mraz <tmraz redhat com>
- To: fedora-selinux-list redhat com
- Subject: Re: polyinstantiation of the /tmp dir
- Date: Thu, 06 Sep 2007 15:50:11 +0200
On Wed, 2007-09-05 at 13:06 -0700, Clarkson, Mike R (US SSA) wrote:
> I'm trying to set up polyinstantiation of the /tmp directory using
> RHEL5. The /etc/security/namespace.conf file shows the following line as
> needing to be uncommented out:
> /tmp /tmp-inst/ level root,adm
>
> The /usr/share/doc/pam-0.99.6.2/txts/README.pam_namespace file describes
> the format of the /etc/security/namespace.conf file, and the allowable
> values. For the <method> entry it lists the following valid values:
> "user", "context", "both". It doesn't list "level" as a valid value.
> However, "level" is the only value that I can get to work. With "user",
> "context", or "both", I get the following error when I attempt to use
> newrole to change the level of my shell:
> "pam_open_session failed with Cannot make/remove an entry for
> the specified session"
>
> Any ideas as to why?
There can be various reasons. Use the 'debug' option of pam_namespace to
get some debug messages in /var/log/secure which may give some more
insight on this.
> And what other values are valid other than "level"
The documentation is a little bit outdated. The valid values are "user",
"context" and "level".
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]