1 |
Le mardi 05 décembre 2006 04:58, Chris PeBenito a écrit : |
2 |
> > > > semanage login -a -s staff_u panard |
3 |
> > > > |
4 |
> > > > and tried to login. |
5 |
> > > > But, my user is still in user_u context : |
6 |
> > > > panard@aragorn ~ $ id |
7 |
> > > > uid=1000(panard) gid=100(users) |
8 |
> > > > groupes=10(wheel),16(cron),35(games),81 |
9 |
> > > > (apache),100(users),441(scanner) context=user_u:user_r:user_t |
10 |
> > > |
11 |
> > > Are you logging in locally, or over ssh? |
12 |
> > |
13 |
> > I tried both, giving the same result... |
14 |
> > I noticed that if I logged directly to root over ssh, the context is |
15 |
> > correct (root:staff_r:staff_t), but it doesn't work for any other users.. |
16 |
> |
17 |
> What versions of openssh, shadow, and pam do you have? |
18 |
|
19 |
aragorn ~ # emerge -pv openssh pam shadow |
20 |
|
21 |
These are the packages that would be merged, in order: |
22 |
|
23 |
Calculating dependencies... done! |
24 |
[ebuild U ] net-misc/openssh-4.5_p1 [4.4_p1-r6] USE="pam |
25 |
selinux -X -X509 -chroot -hpn -kerberos -ldap -libedit -skey -smartcard -static -tcpd" |
26 |
0 kB |
27 |
[ebuild R ] sys-libs/pam-0.78-r5 USE="berkdb |
28 |
selinux -nis -pam_chroot -pam_console -pam_timestamp -pwdb" 0 kB |
29 |
[ebuild R ] sys-apps/shadow-4.0.18.1 USE="nls pam |
30 |
selinux -cracklib -nousuid -skey" 0 kB |
31 |
|
32 |
First I was using openssh 4.5_p1, then I tried to downgrad it to 4.4_p1 for |
33 |
test, without success... |
34 |
|
35 |
Thanks, |
36 |
|
37 |
Panard |
38 |
-- |
39 |
HomePage: http://dev.inzenet.org/~panard/ |
40 |
Yzis : http://www.yzis.org |
41 |
Qomics : http://dev.inzenet.org/~panard/qomics |
42 |
Smileys : http://smileys.inzenet.org |
43 |
|
44 |
-- |
45 |
gentoo-hardened@g.o mailing list |