Upgrade to Linux-PAM 0.77 with Security-Enhanced Linux support
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pam (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
As one of the Hoary goals, the deployment of Security-Enhanced Linux needs both
userland and kernel space modifications.
negative impact in the performance, and SELinux can be enabled and disabled in
runtime and boot time.
PAM is one of the key components that need to be modified in order to have
support for SELinux.
Users need to be authenticated and "alocated" in their proper contexts and such,
which is managed by the SELinux subsystem by using an specific PAM module.
It will also provide SELinux support for all of those applications that rely on
PAM modules to make authentication (kdm is a good example).
Current PAM version for both Sid and Hoary is 0.76, which lacks of latest bug
fixes and extra features.
Of course it lacks also SELinux support.
I've made available an upgraded packages for Hoary, bringing an updated PAM
(0.77) with SELinux support, based on Russell Coker's packages, who was the man
working on SELinux deployment in Debian and did many work on it.
The packages can be found, including sources, at
http://
It would be great to upgrade the current PAM packages to 0.77, as Manjo S. from
Debian is doing many work on the deployment of this features in Sid (but now
focusing on the forthcoming unstable branch).
Cheers,
Lorenzo.
http://
(In reply to comment #0)
> It would be great to upgrade the current PAM packages to 0.77, as Manjo S. from
> Debian is doing many work on the deployment of this features in Sid (but now
> focusing on the forthcoming unstable branch).
Typo, he is Manoj Srivastava, sorry.
Cheers,
Lorenzo.