Caveat: Broken pam
Stephen Smalley
sds at epoch.ncsc.mil
Fri Jul 30 12:10:54 UTC 2004
Just as a warning, the pam package in rawhide is broken for SELinux;
non-root logins will fail under console login, gdm, or ssh when in
enforcing mode. I think that this is due to a bug in pam_unix related
to execution of the chkpwd helper program. In permissive mode, pam_unix
doesn't need to run the helper program, as it can directly read
/etc/shadow itself. Fixed pam is available from Dan's site
ftp://people.redhat.com/dwalsh/SELinux/Fedora.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list