On Tue, Apr 10, 2007 at 08:56:51AM +0100, Roger Leigh wrote: > Yes. PAM is used for user authentication and authorisation, and is > integral to the operation of schroot. Given that schroot runs setuid > root to do what it does, I would be reluctant to write an alternative > to replace the PAM functionality, due to the potential for severe > security problems if I make any mistakes. > > Linux-PAM did previously contain Linux kernel datatypes (for reasons > which escape me), but TTBOMK these were removed over a year ago. Will > it now build for you? (Some of the modules might not build or be > useful for you, but the configure script should be able to disable > those--though this might need adding).
The problem is unconditional use of SELinux. Fixing PAM for non-Linux was on hold for the last half year or so due to the etch release, I hope this will change soon (see #333141); alternatively we could look at doing it out-of-archive ourselves. Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
