in file /etc/security/pam-script/pam_script function goodperms () does `stat` with no soft link dereferencing. Any soft link fails to work. Following code is not correct for soft links: stat_output=`/usr/bin/stat -c "%A:%u:%g" "$path"` ... world_write_bit=${stat_output:8:1} ... if [ ${world_write_bit} != "-" Stat's call should do dereferencing of the links, like: stat_output=`/usr/bin/stat -Lc "%A:%u:%g" "$path"` Reproducible: Always Steps to Reproduce: 1. create the link to the script in /etc/security/pam-script/pam-script.d/ folder 2. try to use it 3. /etc/security/pam-script/pam_script_ses_open: Unsafe permissions for path /etc/security/pam-script/pam-script.d/test_ses_open; Rejecting execution. Expected Results: soft links should be allowed
This is more of an upstream issue, rather than a Gentoo specific issue.