Bug#352494: [Pkg-shadow-devel] Bug#352494: passwd: confusing error message if /proc is not found

Russell Coker russell at coker.com.au
Sun Feb 12 22:20:29 UTC 2006


On Monday 13 February 2006 06:12, Nicolas François <nekral.lists at gmail.com> 
wrote:
> Can you have a look at http://bugs.debian.org/352494
>
> After enabling the SELinux support in passwd, passwd (and chage, chfn
> and chfn) doesn't work anymore if /proc is not mounted.
>
> I sent a patch, but I have no SELinux box (and I'm not confident in my
> understanding of SELinux).

The patch looks incorrect in terms of passwd.c and chage.c.

SE Linux is a second level of security, so all the Unix permission checks (IE 
the traditional use of amroot) must be used in addition to the SE Linux 
checks.  But the use of is_selinux_enabled() looks OK.




More information about the Pkg-shadow-devel mailing list