[redhat-lspp] Problem with pam_namespace.so
Daniel J Walsh
dwalsh at redhat.com
Mon Jan 22 18:00:27 UTC 2007
We have found a problem with pam_namespace.so.
Basically if you go with the default configuration and you
polyinstatiate /tmp, /var/tmp and /home
for all non-admin users, setting up su to unmnt_only or unmnt_remount
will not work as expected. If you su to root, you will still see the
polyinstatiated directories. The pam_namespace code checks if
the user you are authenticating is polyinstated, if not it returns
success. But this happens BEFORE
the unmnt_* code. So you do not get to see the previous polyinstatiated
file system. I believe this is fixed in Rawhide but not in RHEL5.
Dan
More information about the redhat-lspp
mailing list