Leave pam_selinux enabled by default in su.pam and remove it from the
/etc/pam.d/su and /etc/pam.d/su-l files if libselinux is not selected.
This cosmetic change prevents leaving a misleading commented-out line
that references a PAM module that does not exist.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
password required pam_unix.so nullok
-# session required pam_selinux.so close
+session required pam_selinux.so close
session required pam_limits.so
session required pam_env.so
session required pam_unix.so
session optional pam_lastlog.so
-# session required pam_selinux.so open
+session required pam_selinux.so open
ifeq ($(BR2_PACKAGE_LIBSELINUX),y)
UTIL_LINUX_DEPENDENCIES += libselinux
UTIL_LINUX_CONF_OPTS += --with-selinux
+else
+UTIL_LINUX_CONF_OPTS += --without-selinux
define UTIL_LINUX_SELINUX_PAMFILES_TWEAK
$(foreach f,su su-l,
- $(SED) 's/^# \(.*pam_selinux.so.*\)$$/\1/' \
+ $(SED) '/^.*pam_selinux.so.*$$/d' \
$(TARGET_DIR)/etc/pam.d/$(f)
)
endef
-else
-UTIL_LINUX_CONF_OPTS += --without-selinux
endif
# Used by cramfs utils
projects / buildroot.git / commitdiff