> -----Original Message----- > From: Whiteman, John L > Sent: Monday, December 15, 2014 4:44 PM > To: Schaufler, Casey; Zaman, Imran; [email protected] > Cc: Laako, Jussi > Subject: RE: SMACK Labels for /dev/snd/* > > I checked on the pam side as well. You may want to look at > upstream/pam/modules/pam_access configuration files. Valid names > should be > in ttyname() form only. Modules pam_securetty and pam_smack only take a > valid pam name as a string. Nothing hard-coded. It would be an interesting > experiment if you explicitly allow tty1 ... tty# in > /etc/security/access.conf to see if that works on your system. There you > can run strace to see where it gets set.
This could be another manifestation of TC-1755. I am testing a fix for that now. > -----Original Message----- > From: Dev [mailto:[email protected]] On Behalf Of Schaufler, > Casey > Sent: Monday, December 15, 2014 8:59 AM > To: Zaman, Imran; [email protected] > Cc: Laako, Jussi > Subject: Re: [Dev] SMACK Labels for /dev/snd/* > > > -----Original Message----- > > From: Dev [mailto:[email protected]] On Behalf Of Zaman, > > Imran > > Sent: Monday, December 15, 2014 3:18 AM > > To: [email protected] > > Cc: Laako, Jussi > > Subject: [Dev] SMACK Labels for /dev/snd/* > > Importance: High > > > > Hei! > > > > Recently we have encountered an issue that if a PAM user session has > > PAM_TTY set as "tty1", then it sets appropriate smack labels for > /dev/snd/*. > > What label do the files get? > > > otherwise the smack labels are not set appropriately for any other > > value and the devices become inaccessible. > > What label do they get? What would you like it to be? > > > > > Can someone please indicate, > > a- Which component is responsible for setting up the smack lables for > > /dev/snd/* on the fly? Is it systemd? > > b- Why is it hard-coded such that if PAM session has PAM_TTY set to "tty1" > > then it works correctly otherwise not e.g. for "tty7" etc? > > /lib/udev/rules.d is the repository for device labeling rules. > > > I would really appreciate if someone (or related person) responds at > > the earliest :-) > > Wouldn't we all? :) > > > BR > > imran > > --------------------------------------------------------------------- > > Intel Finland Oy > > Registered Address: PL 281, 00181 Helsinki Business Identity Code: > > 0357606 - 4 Domiciled in Helsinki > > > > This e-mail and any attachments may contain confidential material for > > the sole use of the intended recipient(s). Any review or distribution > > by others is strictly prohibited. If you are not the intended > > recipient, please contact the sender and delete all copies. > > > > _______________________________________________ > > Dev mailing list > > [email protected] > > https://lists.tizen.org/listinfo/dev > _______________________________________________ > Dev mailing list > [email protected] > https://lists.tizen.org/listinfo/dev
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
