| 1 |
Ok. I modified pam auth_system, and here is a workaround/solution for su |
| 2 |
problem. |
| 3 |
|
| 4 |
/etc/pam.d/system_auth |
| 5 |
+ session required»/lib/security/pam_selinux.so |
| 6 |
|
| 7 |
Though each time I su, I have to reenter my role and type. (staff_r, staff_t) |
| 8 |
Is there a better solution? |
| 9 |
|
| 10 |
Emre |
| 11 |
|
| 12 |
|
| 13 |
On Wednesday 26 May 2004 03:13 pm, nixnut wrote: |
| 14 |
> >On Wed, 2004-05-26 at 10:33, Emre wrote: |
| 15 |
> >>1. After I su to root and try /etc/init.d/xxx restart, I get: |
| 16 |
> >> |
| 17 |
> >>cannot find your entry in the passwd file. |
| 18 |
> >>authentication failed. |
| 19 |
> >> |
| 20 |
> >>But if I login from console, then it works ok. I made sure I installed |
| 21 |
> >> selinux version of required packages. |
| 22 |
> > |
| 23 |
> >You probably aren't using a selinux-enabled display manager, so when you |
| 24 |
> >log in to X, your identity is not set. GDM is the only one for sure |
| 25 |
> >thats in portage. KDM supposedly works with pam_selinux, and XDM and |
| 26 |
> >WDM might have upstream support, but I'm not sure. |
| 27 |
> |
| 28 |
> It is not an X problem. Starting a service like /etc/init.d/net.eth0 ask |
| 29 |
> for authentification. When starting this as root, I enter the root |
| 30 |
> password and the service gets started. If I login as ordinary user, then |
| 31 |
> su and then try to start the service I get the same error Emre mentions. |
| 32 |
> I can't find anything on this googling or searching the gentoo forums. |
| 33 |
> |
| 34 |
> regards, |
| 35 |
> nixnut |
| 36 |
> |
| 37 |
> -- |
| 38 |
> gentoo-hardened@g.o mailing list |
| 39 |
|
| 40 |
-- |
| 41 |
gentoo-hardened@g.o mailing list |
Archives