03-22-2012
No I have not done or installed anything on the system that will affect PAM module.
My pam.d/login file contents are
#%PAM-1.0
auth required pam_securetty.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_stack.so service=system-auth
session required pam_loginuid.so
session optional pam_console.so
# pam_selinux.so open should be the last session rule
# session required pam_selinux.so open
session required /lib/security/pam_limits.so
session sufficient /lib/security/pam_lsass.so
session required pam_selinux.so open
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hello,
I used the command
osascript -e 'tell app "Finder" to display dialog "Hey!"'
to display a dialog box..it works fine, it displays a dialog box with 'OK' and 'CANCEL' buttons..i want to get the button returned value how can i do that using terminal command?
is there any command to get... (1 Reply)
Discussion started by: keshav.murthy@r
1 Replies
2. Shell Programming and Scripting
I need to send out messages to over 100 clients in my sector. I want it to pop up a dialog box letting them know to save work and log out. I have the reboot script created just need the warning please. Thanks (35 Replies)
Discussion started by: deaconf19
35 Replies
3. Red Hat
Hey since this morning I(nonrrot user) am not able to log into my system with my username. I am using redhat linux kernel release 2.6.9-5.ELsmp. I aslo found the folowing output for chkconfig command:
# chkconfig --list|grep ldap
ldap 0: off 1: off 2: off 3: off 4: off 5: off... (5 Replies)
Discussion started by: ashok.g
5 Replies
4. Debian
Hi all,
I am working with debconf file for packaging the projects. I have used the
". /usr/share/debconf/confmodule" file to do the packaging in debian standard. It worked fine. When ever I am installing the package in apt-get the dialogs are come as I mentioned in the templates file.... (0 Replies)
Discussion started by: Nila
0 Replies
5. Shell Programming and Scripting
I want to create a script that displays a dialog box every interval of time and exits that loop when a user presses ENTER
Any idies? (4 Replies)
Discussion started by: amitlib
4 Replies
6. Shell Programming and Scripting
Hi All,
I was trying to generate GUI using shell script. After long search I found the utility called “dialog”. Using this utility I am able to generate window to collect the input.
dialog --inputbox "Input 1" 10 45
dialog --inputbox "Input 2" 10 45
dialog --inputbox "Input 3" 10 45
Using... (2 Replies)
Discussion started by: kalpeer
2 Replies
7. UNIX for Dummies Questions & Answers
I know, I can run dialog command in my machine. But what I want to do is I wanna show the dialog box to some other Remote host.
I connected to the remote system and used dialog command its shows the box in my terminal only. How can I display to that remote machine?? Any suggestions??? (3 Replies)
Discussion started by: Adhi
3 Replies
8. Shell Programming and Scripting
Does dialog box works on all kind of shells? I am using korn shell in Linux .
For me dialog is not working :) is there any particular syntax or do we need to have particular OS version or shell env?
#!/bin/ksh
dialog --title "create file" \
--backtitle "shell script practice" \... (1 Reply)
Discussion started by: NarayanaPrakash
1 Replies
9. Red Hat
Hi
I have a linux box and need to access from windows graphically
# uname -a
Linux pc-l416116 2.6.18-155.el5 #1 SMP Fri Jun 19 17:06:47 EDT 2009 i686 i686 i386 GNU/Linux
What components do I need to install on Linux and windows to do that?
TIA (6 Replies)
Discussion started by: magnus29
6 Replies
10. Shell Programming and Scripting
Hello.
Any help would be greatly appreciated.
Right now I have the following input box that works fine and well, however I would like to wrap this is a loop that requires input. Right now the script will happily continue on if the user just hits enter. I'd like to require a minimum of a 5... (5 Replies)
Discussion started by: woodson2
5 Replies
LEARN ABOUT LINUX
pam_selinux
PAM_SELINUX(8) Linux-PAM Manual PAM_SELINUX(8)
NAME
pam_selinux - PAM module to set the default security context
SYNOPSIS
pam_selinux.so [close] [debug] [open] [nottys] [verbose] [select_context] [env_params] [use_current_range]
DESCRIPTION
In a nutshell, pam_selinux sets up the default security context for the next execed shell.
When an application opens a session using pam_selinux, the shell that gets executed will be run in the default security context, or if the
user chooses and the pam file allows the selected security context. Also the controlling tty will have it's security context modified to
match the users.
Adding pam_selinux into a pam file could cause other pam modules to change their behavior if the exec another application. The close and
open option help mitigate this problem. close option will only cause the close portion of the pam_selinux to execute, and open will only
cause the open portion to run. You can add pam_selinux to the config file twice. Add the pam_selinux close as the executes the open pass
through the modules, pam_selinux open_session will happen last. When PAM executes the close pass through the modules pam_selinux
close_session will happen first.
OPTIONS
close
Only execute the close_session portion of the module.
debug
Turns on debugging via syslog(3).
open
Only execute the open_session portion of the module.
nottys
Do not try to setup the ttys security context.
verbose
attempt to inform the user when security context is set.
select_context
Attempt to ask the user for a custom security context role. If MLS is on ask also for sensitivity level.
env_params
Attempt to obtain a custom security context role from PAM environment. If MLS is on obtain also sensitivity level. This option and the
select_context option are mutually exclusive. The respective PAM environment variables are SELINUX_ROLE_REQUESTED,
SELINUX_LEVEL_REQUESTED, and SELINUX_USE_CURRENT_RANGE. The first two variables are self describing and the last one if set to 1 makes
the PAM module behave as if the use_current_range was specified on the command line of the module.
use_current_range
Use the sensitivity level of the current process for the user context instead of the default level. Also suppresses asking of the
sensitivity level from the user or obtaining it from PAM environment.
MODULE TYPES PROVIDED
Only the session module type is provided.
RETURN VALUES
PAM_AUTH_ERR
Unable to get or set a valid context.
PAM_SUCCESS
The security context was set successfully.
PAM_USER_UNKNOWN
The user is not known to the system.
EXAMPLES
auth required pam_unix.so
session required pam_permit.so
session optional pam_selinux.so
SEE ALSO
pam.conf(5), pam.d(5), pam(7)
AUTHOR
pam_selinux was written by Dan Walsh <dwalsh@redhat.com>.
Linux-PAM Manual 08/31/2010 PAM_SELINUX(8)