Re: Unable to have ~/.pam_environment processed -> having fun with SELinux

2017-11-22 Thread Gordon Messmer
On 11/21/2017 11:30 PM, Timothée Floure wrote:
> ~/.pam_environment is a symbolic link to ~/.dotfiles/pam_environment.

Symlinks aren't processed according to their target, so they tend to be problematic with SELinux. Consider using a hard link instead.

Re: Unable to have ~/.pam_environment processed -> having fun with SELinux

2017-11-21 Thread Timothée Floure
~/.pam_environment is a symbolic link to ~/.dotfiles/pam_environment. Here is the AVC denial message:

```
Nov 22 08:25:22 phi audit[983]: AVC avc: denied { getattr } for pid=983 comm="login" path="/home/fnux/.dotfiles/homedir/.pam_environment" dev="dm-7" ino=1428 scontext=system_u:system_r:local_logi
```

Re: Unable to have ~/.pam_environment processed -> having fun with SELinux

2017-11-21 Thread Rick Stevens
On 11/21/2017 10:36 AM, Timothée Floure wrote:
> Ahah ! The culprit is SELinux !
>
> I can easily set SELinux to permissive, but it's not a proper solution.
> What would be the best fix ? Should I set a specific flag [0] to my
> ~/.pam_environment or is there a better way to handle this with pam ?

Re: Unable to have ~/.pam_environment processed -> having fun with SELinux

2017-11-21 Thread Timothée Floure
Ahah ! The culprit is SELinux !

I can easily set SELinux to permissive, but it's not a proper solution. What would be the best fix ? Should I set a specific flag [0] to my ~/.pam_environment or is there a better way to handle this with pam ?

[0] I'm not familiar with SELinux

On 21/11/17 14:47, T

Re: Unable to have ~/.pam_environment processed

2017-11-21 Thread Timothée Floure
I directly log in from a tty and don't use a DM : I guess /etc/pam.d/login is fine ? I will try with debugging enabled.

Thanks!

PS: I missed the reply list button the first time, sorry !

On 21/11/17 14:39, Berend De Schouwer wrote:
> On Tue, 2017-11-21 at 14:15 +0100, Timothée Floure wrote:
>> He

Re: Unable to have ~/.pam_environment processed

2017-11-21 Thread Berend De Schouwer
On Tue, 2017-11-21 at 14:15 +0100, Timothée Floure wrote:
> Hello,
>
> I'm trying to set some environment variables via $HOME/.pam_environment
> on my F27 system. I understand that the feature is disabled by default
> on Fedora so I tried to add the following line to `/etc/pam.d/login` :
>

Unable to have ~/.pam_environment processed

2017-11-21 Thread Timothée Floure
Hello,

I'm trying to set some environment variables via $HOME/.pam_environment on my F27 system. I understand that the feature is disabled by default on Fedora so I tried to add the following line to `/etc/pam.d/login` :

```
session required pam_env.so user_readenv=1
```

However, even wi