1 |
I tried running passwd and got "passwd: Critical error - immediate = abort". |
2 |
When I looked in /var/log/messages I found an avc denied message that |
3 |
mentioned cracklib_dict.pwd. Doing a search I found |
4 |
/usr/lib/cracklib_dict.pwd. This file was labeled = system_u:object_r:lib_t. |
5 |
When I looked in the policy files crack.fc and passwd.te I found that = the |
6 |
passwd_t domain is allowed read access to file typed crack_db_t and that = |
7 |
the files in /var/cache/cracklib(/.*)? are to be labled with this type. I = |
8 |
added this line to crack.fc: |
9 |
|
10 |
/usr/lib/cracklib_dict.* system_u:object_r:crack_db_t |
11 |
|
12 |
This fixed my problems with passwd. |
13 |
|
14 |
Is this the right solution? |
15 |
Does Gentoo ever place cracklib files in /var/cache? |
16 |
|
17 |
-Tad |
18 |
|
19 |
|
20 |
-- |
21 |
gentoo-hardened@g.o mailing list |