| 1 |
Richard Simpson wrote: |
| 2 |
|
| 3 |
> Greetings, |
| 4 |
> |
| 5 |
> I have just installed hardened Gentoo this week (based on the 2.6.7 kernel), |
| 6 |
> and everything seems to be working normally (at least I think so). |
| 7 |
> |
| 8 |
> One puzzlement is that /etc/pam.d/login and other pam config files do not |
| 9 |
> have an entry for pam_selinux.so. Do I need to edit these files accordingly? |
| 10 |
> Pam is not discussed much in the otherwise excellent documentation. |
| 11 |
> |
| 12 |
> Richard Simpson |
| 13 |
> |
| 14 |
|
| 15 |
You do not need to edit the pam.d files because Gentoo uses login and |
| 16 |
sshd patches to handle login context and to relabel the terminals rather |
| 17 |
than the pam module. This is because the pam module has had some issues |
| 18 |
in the past that have not been corrected (Fedora is currently switching |
| 19 |
back to login service patches rather than pam_selinux for the same reason). |
| 20 |
|
| 21 |
|
| 22 |
P.S. |
| 23 |
Please don't add sender notification to emails to the list. |
| 24 |
|
| 25 |
Joshua Brindle |
| 26 |
|
| 27 |
-- |
| 28 |
gentoo-hardened@g.o mailing list |
Archives