[redhat-lspp] Problem with pam_namespace.so
Tomas Mraz
tmraz at redhat.com
Tue Jan 23 11:29:58 UTC 2007
On Mon, 2007-01-22 at 13:00 -0500, Daniel J Walsh wrote:
> We have found a problem with pam_namespace.so.
>
> Basically if you go with the default configuration and you
> polyinstatiate /tmp, /var/tmp and /home
> for all non-admin users, setting up su to unmnt_only or unmnt_remount
> will not work as expected. If you su to root, you will still see the
> polyinstatiated directories. The pam_namespace code checks if
> the user you are authenticating is polyinstated, if not it returns
> success. But this happens BEFORE
> the unmnt_* code. So you do not get to see the previous polyinstatiated
> file system. I believe this is fixed in Rawhide but not in RHEL5.
Not yet, I'm just working on that.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the redhat-lspp
mailing list