[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [RFC Fedora 10] kill pam_console



Chris Adams (cmadams hiwaay net) said: 
> Once upon a time, Bill Nottingham <notting redhat com> said:
> > We've carried both pam_console and HAL-based ACL support for a while
> > now. It's time to cut the cord and remove pam_console, so we only
> > have one way of setting device permissions to worry about.
> 
> I am slow on the up-take here, but how do I use the "HAL-based ACL
> support" to replace pam_console?  For example, on a system with serial
> ports used for accessing other consoles, I have a 10-serial.perms like:
> 
> ########################################################################
> <serial>=/dev/ttyS[0-9]* /dev/ttyUSB[0-9]*
> 
> <console>  0660  <serial>  0660  root.uucp
> ########################################################################
> 
> How do I replace that?

See /usr/share/hal/fdi/policy/10osvendor/00-thinkfinger.fdi for an
example of something that does access control. What does lshal
have for your serial devices?

Bill


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]