[RFC Fedora 10] kill pam_console
Bill Nottingham
notting at redhat.com
Wed Jul 9 19:53:03 UTC 2008
Chris Adams (cmadams at hiwaay.net) said:
> Once upon a time, Bill Nottingham <notting at redhat.com> said:
> > We've carried both pam_console and HAL-based ACL support for a while
> > now. It's time to cut the cord and remove pam_console, so we only
> > have one way of setting device permissions to worry about.
>
> I am slow on the up-take here, but how do I use the "HAL-based ACL
> support" to replace pam_console? For example, on a system with serial
> ports used for accessing other consoles, I have a 10-serial.perms like:
>
> ########################################################################
> <serial>=/dev/ttyS[0-9]* /dev/ttyUSB[0-9]*
>
> <console> 0660 <serial> 0660 root.uucp
> ########################################################################
>
> How do I replace that?
See /usr/share/hal/fdi/policy/10osvendor/00-thinkfinger.fdi for an
example of something that does access control. What does lshal
have for your serial devices?
Bill
More information about the fedora-devel-list
mailing list