I checked on the pam side as well. You may want to look at upstream/pam/modules/pam_access configuration files. Valid names should be in ttyname() form only. Modules pam_securetty and pam_smack only take a valid pam name as a string. Nothing hard-coded. It would be an interesting experiment if you explicitly allow tty1 ... tty# in /etc/security/access.conf to see if that works on your system. There you can run strace to see where it gets set.
-----Original Message----- From: Dev [mailto:[email protected]] On Behalf Of Schaufler, Casey Sent: Monday, December 15, 2014 8:59 AM To: Zaman, Imran; [email protected] Cc: Laako, Jussi Subject: Re: [Dev] SMACK Labels for /dev/snd/* > -----Original Message----- > From: Dev [mailto:[email protected]] On Behalf Of Zaman, > Imran > Sent: Monday, December 15, 2014 3:18 AM > To: [email protected] > Cc: Laako, Jussi > Subject: [Dev] SMACK Labels for /dev/snd/* > Importance: High > > Hei! > > Recently we have encountered an issue that if a PAM user session has > PAM_TTY set as "tty1", then it sets appropriate smack labels for /dev/snd/*. What label do the files get? > otherwise the smack labels are not set appropriately for any other > value and the devices become inaccessible. What label do they get? What would you like it to be? > > Can someone please indicate, > a- Which component is responsible for setting up the smack lables for > /dev/snd/* on the fly? Is it systemd? > b- Why is it hard-coded such that if PAM session has PAM_TTY set to "tty1" > then it works correctly otherwise not e.g. for "tty7" etc? /lib/udev/rules.d is the repository for device labeling rules. > I would really appreciate if someone (or related person) responds at > the earliest :-) Wouldn't we all? :) > BR > imran > --------------------------------------------------------------------- > Intel Finland Oy > Registered Address: PL 281, 00181 Helsinki Business Identity Code: > 0357606 - 4 Domiciled in Helsinki > > This e-mail and any attachments may contain confidential material for > the sole use of the intended recipient(s). Any review or distribution > by others is strictly prohibited. If you are not the intended > recipient, please contact the sender and delete all copies. > > _______________________________________________ > Dev mailing list > [email protected] > https://lists.tizen.org/listinfo/dev _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
