The targeted policy does not set the context of users to unconfined_t as expected. In stead the context for users logged in on the console is local_login_t and for users logged in through SSH it is system_chkpwd_t.
The local_login_t for console logins only happens when the pam_selinux invocation is missing from /etc/pam.d/login
sshd does not seem to need the pam module anymore, but perhaps it did when you originally tried it. (I admit that I did have the unix_chkpwd_t problem at one point, but it went away when I reinstalled the machine)
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
