[Pkg-shadow-devel] Bug#472575: Bug#472575: Bug#472575: Bug#472575: /usr/bin/passwd needs patch for better SE Linux support

Nicolas François nicolas.francois at centraliens.net
Tue Mar 25 22:49:54 UTC 2008


Hello,

You also mentioned a dependency on the kernel, is there a need for
a versioned dependency on libselinux1-dev with your patch?


The remaining of the mail is not directly related to your patch, but is
still related to SE Linux support in shadow.

On Wed, Mar 26, 2008 at 08:09:41AM +1100, russell at coker.com.au wrote:
> On Wednesday 26 March 2008 04:08, Christian Perrier <bubulle at debian.org> 
> wrote:
> > Quoting Nicolas François (nicolas.francois at centraliens.net):
> > > > password.  With SE Linux Strict policy a user who has UID==0 and the
> > > > role user_r can do little damage to the system.
> > >
> > > Thanks for the patch. I will commit it for 4.1.1.
> >
> > Is there any need to discuss this with other distros?
> 
> Which other distros are you referring to?  Red Hat appears to use a different 
> source base for passwd (and in any case a large part of my patch was copied 
> from their code).  Who else has SE Linux support?

I merged a lot of patches from Fedora to upstream. Some patches remain,
like shadow-4.1.0-selinux.patch. But Fedora should basically use the same
source for shadow. However, Fedora does not install passwd from the
shadow sources but from another source package.



More information about the Pkg-shadow-devel mailing list