[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Adding a custom PAM module and selinux



I am trying to add a custom PAM module (pam_poldi.so) to my FC5 system
to be able to login using a OpenPGP smartcard. I already changed the
security context of /lib/security/pam_poldi.so to match the other pam
modules (system_u:object_r:lib_t) but it seems that is not enough. In
syslog I still see:

su: PAM unable to dlopen(/lib/security/pam_poldi.so)
su: PAM [error: /lib/security/pam_poldi.so: cannot restore segment prot
after reloc: Permission denied]

This can propably be fixed with a chcon -t
texrel_shlib_t /lib/security/pam_poldi.so

This will probably not survice an selinux update or relabel session.
What is the proper way to add the module so it will survice relabels and
selinux updates?

Thanks,
Jurgen


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]