On Wed, 2007-05-30 at 09:48 +0100, Ted Rule wrote:
Looking at the policy changes for cron in policy 69, I see that the auth_domtrans_chk_passwd(crond_t) transition has been removed, ( see diff below ).
By adding this entry back into the selinux policy for crond_t, I was apparently able to restore correct operation of cron:
auth_domtrans_chk_passwd(crond_t)
Is that the correct fix, or does the problem really lie in recoding crond itself to use unix_update instead of unix_chkpwd ??
Actually I just need to release update of pam in FC-6.