The proposed PAM config uses pam_sepermit for auth in gdm. Why is this needed, when login doesn't use this? Should SELinux handling not be identical between login and gdm?
Can this be generalized to other services as well (i.e., put it in as a PAM profile hooked into pam-auth-update)?
The proposed PAM config uses pam_sepermit for auth in gdm. Why is this needed, when login doesn't use this? Should SELinux handling not be identical between login and gdm?
Can this be generalized to other services as well (i.e., put it in as a PAM profile hooked into pam-auth-update)?