From 5150d54da72bf67d500174a44858776f573a2e2c Mon Sep 17 00:00:00 2001 From: Xi Ruoyao Date: Sat, 2 Mar 2024 18:03:00 +0800 Subject: [PATCH] linux-pam: Mention kernel AUDIT configuration pam_loginuid.so will do nothing if AUDIT not enabled. --- kernel-config/postlfs/security/linux-pam.toml | 1 + postlfs/security/linux-pam-kernel.xml | 7 ++++++ postlfs/security/linux-pam.xml | 23 +++++++++++++++++++ 3 files changed, 31 insertions(+) create mode 100644 kernel-config/postlfs/security/linux-pam.toml create mode 100644 postlfs/security/linux-pam-kernel.xml diff --git a/kernel-config/postlfs/security/linux-pam.toml b/kernel-config/postlfs/security/linux-pam.toml new file mode 100644 index 0000000000..03c5599428 --- /dev/null +++ b/kernel-config/postlfs/security/linux-pam.toml @@ -0,0 +1 @@ +AUDIT='*' diff --git a/postlfs/security/linux-pam-kernel.xml b/postlfs/security/linux-pam-kernel.xml new file mode 100644 index 0000000000..7d0568d713 --- /dev/null +++ b/postlfs/security/linux-pam-kernel.xml @@ -0,0 +1,7 @@ + + + +General setup ---> + [*] Auditing support [AUDIT] diff --git a/postlfs/security/linux-pam.xml b/postlfs/security/linux-pam.xml index 3daa7c161b..c0eae23f20 100644 --- a/postlfs/security/linux-pam.xml +++ b/postlfs/security/linux-pam.xml @@ -138,6 +138,29 @@ + + Kernel Configuration + + + For the PAM module pam_loginuid.so (referred by + the PAM configuration file system-session if + is + built is + rebuilt with PAM support later) to work, + a kernel configuration parameter need to be set or the module will + just do nothing: + + + + + + Linux-PAM + + + + Installation of Linux PAM