Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: file_contexts patch
From: Russell Coker <russell_at_coker.com.au>
Date: Sun, 18 Jul 2004 12:58:37 +1000
http://cvs.sourceforge.net/viewcvs.py/pam/Linux-PAM/modules/pam_unix/unix_chkpwd.c unix_chkpwd has been around for years, I can't believe that it's something that they haven't got to it yet. Are you running kcheckpass as root (maybe SETUID)? If so then SUSE would be using PAM without my patch to pam_unix.so which allows unix_chkpwd to be called if /etc/shadow can't be opened as root (without that patch it just aborts). Also does SUSE have unix_verify (again part of my patch) installed? If not then the default policy will not work in all situations...
> > Maybe we should have a suse.te and suse.fc for such things? One thing we I'll put it in my tree, Steve will have to decide about CVS when he next does an update. # Depends: rpm.te suse.te needs the above line. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Sat 17 Jul 2004 - 22:58:58 EDT |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |