[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bits from the release team: the plans for etch

>         Oh, that's not needed. SElinux uses PAM to mediate access to
>  the password (there is a SELinux PAM module now). So, people who want
>  to enable SELinux on their machine have to do something like so:
> 
> ,----[ Add SELinux capability to the system ]
> | if ! grep pam_selinux.so /etc/pam.d/login >& /dev/null; then
> |     echo "" >> /etc/pam.d/login
> |     echo "session required pam_selinux.so multiple" >> /etc/pam.d/login
> |     echo "" >> /etc/pam.d/login
> | fi
> `----


We could maybe provide this (commented) in /etc/pam.d/login....or,
maybe better, this could go (still commented) in
/etc/pam.d/common-session.

Could you point me (and possibly other readers) to "not too deeply
technical" doc about SELinux? After all, talking of something without
actually really knowing it is pretty hard..:-)
Reply to: