On Wed, Sep 8, 2010 at 1:04 AM, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > I think there is a open bug report about changing this to use > pam_oddjob_mkhomedir. This one? https://bugzilla.redhat.com/show_bug.cgi?id=617449 I can confirm that installing oddjob-mkhomedir before running authconfig configures PAM correctly, without SELinux issues. Thanks. > > The problem with pam_mkhomedir is that it runs under the context of the > login programs, which requires us to give all login programs the ability > to manage all content within the users homedir. We are trying to > confine apps like sshd/xdm/rlogind from this access, to prevent flaws > that could reveal data in the homedir without have a login password. Yep, that makes sense. -c -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
