Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 169659 - policycoreutils-1.30-r1 and pam-0.99.7.1 don't match
Summary: policycoreutils-1.30-r1 and pam-0.99.7.1 don't match
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened (show other bugs)
Hardware: x86 Linux
: High normal (vote)
Assignee: SE Linux Bugs
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-03-06 20:04 UTC by Michael Edenfield
Modified: 2007-08-20 04:45 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Edenfield 2007-03-06 20:04:45 UTC 
The latest ~x86 version of pam appears to break policycoreutils, due to the last of the pam_stack.so module.

Note that I'm pretty sure this is a different problem than bug #156124: I'm not getting any undefined symbol errors with pam_selinux itself.  Instead, the problem is that the pam configs installed by policycoreutils look like this:

#%PAM-1.0

auth       required     /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_xauth.so

(This is for /etc/pam.d/newrole and /etc/pam.d/run_init)

Since pam_stack no longer exists (and isn't needed), they should probably look like this:

#%PAM-1.0

auth       include      system-auth
account    include      system-auth
password   include      system-auth
session    include      system-auth
session    optional     /lib/security/pam_xauth.so
Comment 1 Matthias Geerdsen (RETIRED) gentoo-dev 2007-03-06 20:17:16 UTC 
not a security issue/vulnerability
reassigning to hardened
Comment 2 solar (RETIRED) gentoo-dev 2007-03-06 21:28:44 UTC 
reassigning to selinux to make it eaiser for them to find this bug.
Comment 3 Chris PeBenito (RETIRED) gentoo-dev 2007-08-20 04:45:21 UTC 
fixed in policycoreutils-1.34.1