polyinstantiation of the /tmp dir
Clarkson, Mike R (US SSA)
mike.clarkson at baesystems.com
Wed Sep 5 20:06:29 UTC 2007
I'm trying to set up polyinstantiation of the /tmp directory using
RHEL5. The /etc/security/namespace.conf file shows the following line as
needing to be uncommented:

    /tmp /tmp-inst/ level root,adm

The /usr/share/doc/pam-0.99.6.2/txts/README.pam_namespace file describes
the format of the /etc/security/namespace.conf file, and the allowable
values. For the <method> entry it lists the following valid values:
"user", "context", "both". It doesn't list "level" as a valid value.
However, "level" is the only value that I can get to work. With "user",
"context", or "both", I get the following error when I attempt to use
newrole to change the level of my shell:
"pam_open_session failed with Cannot make/remove an entry for
the specified session"
Any ideas as to why? And what other values are valid other than "level"?

Thanks
More information about the fedora-selinux-list mailing list