Package Details: pam-selinux 1.5.1-1

Git Clone URL: https://aur.archlinux.org/pam-selinux.git (read-only, click to copy)
Package Base: pam-selinux
Description: SELinux aware PAM (Pluggable Authentication Modules) library
Upstream URL: http://linux-pam.org
Keywords: selinux
Licenses: GPL2
Groups: selinux
Conflicts: pam, selinux-pam
Provides: libpam.so, libpam_misc.so, libpamc.so, pam=1.5.1-1, selinux-pam=1.5.1-1
Submitter: Siosm
Maintainer: IooNag
Last Packager: IooNag
Votes: 22
Popularity: 0.000755
First Submitted: 2013-11-03 20:05
Last Updated: 2021-07-03 14:41

Required by (410)

Sources (3)

Latest Comments

1 2 3 4 5 Next › Last »

IooNag commented on 2021-04-30 20:36

yar: there was indeed a bug in the PKGBUILD of pam-selinux. I probably fixed it in https://aur.archlinux.org/cgit/aur.git/commit/?h=pam-selinux&id=b156403746cf6d81e6737e8151faecaea7d0c627 and now pam-selinux package declares that it provides libpam.so=0-64. Does it fix your issue?

yar commented on 2021-04-30 06:42

resolving dependencies...
looking for conflicting packages...
warning: removing 'pam' from target list because it conflicts with 'pam-selinux'
error: failed to prepare transaction (could not satisfy dependencies)
:: unable to satisfy dependency 'libpam.so=0-64' required by xscreensaver

This seems to conflict with xscreensaver now that they depend on libpam.so https://github.com/archlinux/svntogit-packages/commit/99c589cbcf3a1527a6751cf0d8ef2f298a036896

I'm not sure how to resolve this.

JoSSa commented on 2019-03-19 12:17

Yes, using 4.20.16.a-1-hardened. I have not been using linux-selinux anymore.

IooNag commented on 2019-03-17 14:19

JoSSa: which kernel are you using? On the virtual machine that I am using for tests, "passwd vagrant" works fine with linux-selinux (4.19.9.arch1-1) but not with linux-hardened (version 4.20.16.a-1-hardened). On this second kernel:

strace -e execve -f -s1024 passwd vagrant

execve("/usr/bin/passwd", ["passwd", "vagrant"], 0x7a1596282228 / 33 vars /) = 0 strace: Process 422 attached [pid 422] execve("/usr/bin/unix_chkpwd", ["/usr/bin/unix_chkpwd", "vagrant", "nullok"], 0x63ffd6b553e0 / 0 vars /) = -1 ENOMEM (Cannot allocate memory) [pid 422] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} --- [pid 422] +++ killed by SIGSEGV +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=422, si_uid=0, si_status=SIGSEGV, si_utime=3, si_stime=14} --- strace: Process 423 attached [pid 423] execve("/usr/bin/unix_chkpwd", ["/usr/bin/unix_chkpwd", "vagrant", "chkexpiry"], 0x63ffd6b513a8 / 0 vars /) = -1 ENOMEM (Cannot allocate memory) [pid 423] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} --- [pid 423] +++ killed by SIGSEGV +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=423, si_uid=0, si_status=SIGSEGV, si_utime=1, si_stime=15} --- passwd: Authentication failure passwd: password unchanged +++ exited with 10 +++

What could make execve() syscall return ENOMEM?

JoSSa commented on 2019-03-02 03:56

Successfully compiled. But when I use "passwd <someuser>" as root, I get:

passwd: Authentication failure passwd: password unchanged

even in selinux permissive mode. In the log file the error is (XXXX is my machine hostname):

Mar 01 22:46:23 XXXXX audit[1065]: ANOM_ABEND auid=1000 uid=0 gid=0 ses=3 subj=staff_u:staff_r:chkpwd_t:s0 pid=1065 comm="unix_chkpwd" exe="/usr/bin/unix_chkpwd" sig=11 res=1 Mar 01 22:46:23 XXXXX passwd[1063]: pam_unix(passwd:chauthtok): unix_chkpwd abnormal exit: 11

IooNag commented on 2019-02-23 08:42

@larrybowgensloth I successfully build the package today. What error have you got? Could you try building Arch Linux's official pam package?

larrybowgensloth commented on 2019-02-23 01:17

Sadly this doesn't compile anymore.

Siosm commented on 2014-01-02 21:49

Renamed to pam-selinux

skorgon commented on 2013-05-11 17:01

I can confirm, the updated release fixes the issue.

Nicky726 commented on 2013-05-11 15:16

I upgraded the package, so that it is now based on version 1.1.6-3 currently in [core]. I can log in without problems now. It seems to me, that a rebuild was needed due to libtirpc upgrade.