Package Details: pam-selinux 1.6.1-3

Git Clone URL: https://aur.archlinux.org/pam-selinux.git (read-only, click to copy)
Package Base: pam-selinux
Description: SELinux aware PAM (Pluggable Authentication Modules) library
Upstream URL: http://linux-pam.org
Keywords: selinux
Licenses: GPL-2.0-only
Groups: selinux
Conflicts: pam, selinux-pam
Provides: libpam.so, libpamc.so, libpam_misc.so, pam, selinux-pam
Submitter: Siosm
Maintainer: IooNag
Last Packager: IooNag
Votes: 22
Popularity: 0.000878
First Submitted: 2013-11-03 20:05 (UTC)
Last Updated: 2024-09-07 13:41 (UTC)

Required by (835)

Sources (2)

Pinned Comments

IooNag commented on 2021-10-10 19:27 (UTC)

WARNING: When upgrading a system using pam-selinux, it is recommended to keep a root shell open in a different session/terminal to fix issues, as the authentication system could break when a dependency is updated. For example when libnsl 2.0.0 was released, /usr/lib/security/pam_unix.so could no longer be loaded and pam-selinux needed to be rebuilt/updated in order to fix the authentication system.

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 Next › Last »

JoSSa commented on 2019-03-02 03:56 (UTC)

Successfully compiled. But when I use "passwd <someuser>" as root, I get:

passwd: Authentication failure passwd: password unchanged

even in selinux permissive mode. In the log file the error is (XXXX is my machine hostname):

Mar 01 22:46:23 XXXXX audit[1065]: ANOM_ABEND auid=1000 uid=0 gid=0 ses=3 subj=staff_u:staff_r:chkpwd_t:s0 pid=1065 comm="unix_chkpwd" exe="/usr/bin/unix_chkpwd" sig=11 res=1 Mar 01 22:46:23 XXXXX passwd[1063]: pam_unix(passwd:chauthtok): unix_chkpwd abnormal exit: 11

IooNag commented on 2019-02-23 08:42 (UTC)

@larrybowgensloth I successfully build the package today. What error have you got? Could you try building Arch Linux's official pam package?

larrybowgensloth commented on 2019-02-23 01:17 (UTC)

Sadly this doesn't compile anymore.

Siosm commented on 2014-01-02 21:49 (UTC)

Renamed to pam-selinux

skorgon commented on 2013-05-11 17:01 (UTC)

I can confirm, the updated release fixes the issue.

Nicky726 commented on 2013-05-11 15:16 (UTC)

I upgraded the package, so that it is now based on version 1.1.6-3 currently in [core]. I can log in without problems now. It seems to me, that a rebuild was needed due to libtirpc upgrade.

skorgon commented on 2013-05-11 05:42 (UTC)

This package and/or selinux-pam-base just prevented me from login to my system (gfx + tty). journal with selinux-pam + selinux-pam-base May 10 22:11:34 skorgonTP kdm[388]: :0[388]: PAM unable to dlopen(/usr/lib/security/pam_selinux.so): /usr/lib/security/pam_selinux.so: cannot open shared object file: No such file or directory May 10 22:11:34 skorgonTP kdm[388]: :0[388]: PAM adding faulty module: /usr/lib/security/pam_selinux.so May 10 22:11:34 skorgonTP kdm[388]: :0[388]: pam_unix(kde:session): session opened for user skorgon by (uid=0) May 10 22:11:34 skorgonTP systemd-logind[329]: New session 1 of user skorgon. May 10 22:11:34 skorgonTP systemd-logind[329]: Linked /tmp/.X11-unix/X0 to /run/user/1000/X11-display. May 10 22:11:34 skorgonTP kdm[388]: :0[388]: pam_open_session() for skorgon failed: Module is unknown May 10 22:11:34 skorgonTP kdm[388]: :0[388]: Client start failed May 10 20:42:45 skorgonTP login[340]: PAM unable to dlopen(/usr/lib/security/pam_unix.so): /usr/lib/security/pam_unix.so: undefined symbol: log_debug May 10 20:42:45 skorgonTP login[340]: PAM adding faulty module: /usr/lib/security/pam_unix.so May 10 20:42:45 skorgonTP login[340]: FAILED LOGIN SESSION FROM tty1 FOR root, Module is unknown journal with stock pam + selinux-pam-base: May 10 22:11:39 skorgonTP kdm[502]: :0[502]: PAM unable to dlopen(/usr/lib/security/pam_selinux.so): /usr/lib/security/pam_selinux.so: cannot open shared object file: No such file or directory May 10 22:11:39 skorgonTP kdm[502]: :0[502]: PAM adding faulty module: /usr/lib/security/pam_selinux.so May 10 22:11:39 skorgonTP kdm[502]: :0[502]: pam_unix(kde:session): session opened for user skorgon by (uid=0) May 10 22:11:39 skorgonTP systemd-logind[329]: New session 2 of user skorgon. May 10 22:11:39 skorgonTP systemd-logind[329]: Linked /tmp/.X11-unix/X0 to /run/user/1000/X11-display. May 10 22:11:39 skorgonTP kdm[502]: :0[502]: pam_open_session() for skorgon failed: Module is unknown May 10 22:11:39 skorgonTP kdm[502]: :0[502]: Client start failed May 10 22:11:39 skorgonTP kdm[502]: :0[502]: pam_unix(kde:session): session closed for user skorgon May 10 22:11:39 skorgonTP kdm[502]: :0[502]: pam_close_session() failed: Module is unknown May 10 22:11:39 skorgonTP systemd-logind[329]: Removed session 2. May 10 22:11:41 skorgonTP dhclient[493]: XMT: Solicit on wlp3s0, interval 8110ms. May 10 22:11:41 skorgonTP dhclient[493]: RCV: Advertise message on wlp3s0 from fe80::1e14:48ff:fe5f:1a20. May 10 22:11:41 skorgonTP dhclient[493]: message status code NoAddrsAvail: "No addresses available for this interface." May 10 22:11:44 skorgonTP login[336]: PAM unable to dlopen(/usr/lib/security/pam_selinux.so): /usr/lib/security/pam_selinux.so: cannot open shared object file: No such file or directory May 10 22:11:44 skorgonTP login[336]: PAM adding faulty module: /usr/lib/security/pam_selinux.so May 10 22:11:47 skorgonTP login[336]: pam_unix(login:session): session opened for user root by LOGIN(uid=0) May 10 22:11:47 skorgonTP systemd-logind[329]: New session 3 of user root. May 10 22:11:47 skorgonTP login[336]: Module is unknown

xangelux commented on 2013-02-25 16:13 (UTC)

it seems that the file contains that functions and it complains about re-defining a functions as well as getting the function parameters wrong, so I assume the function was added to the selinux packages with the correct parameters so I deleted the function and it builded properly. As I read pam_unix2 is in charge of checking the password in shadow and passwd so if it doesn't work anybody could notice in a sudo, su or even a login (I assume). Not sure if I'm correct but so far I'm ussing that hack and nothing has gone wrong. I'm considering reporting it as a bug to arch devs.

Nicky726 commented on 2013-02-25 10:33 (UTC)

Unfortunately, I had no luck applying this patch either, but I have recreated it and this time the aplication and build succeeded. Not sure what does the removal of the function do to the functionality of pam_unix2 though. Updated version uploaded, I have not changed pkgrel to correspond to the version in [core].

xangelux commented on 2013-02-24 20:34 (UTC)

I edited the patch to work with your files http://pastebin.com/0HMgS05n

« First ‹ Previous 1 2 3 4 5 6 Next › Last »