Learn more about these different git repos.
Other Git URLs
The SELinux login file was created by pam_sss. This was wrong, because by the time pam_sss is loaded by the PAM-aware application, it is running with the context of the application, such as sshd_t. This would make it hard for policy writers, to allow creating the file.
It would be better to write the file in responder so that only sssd_t can be allowed to write into /etc/selinux/targeted
resolution: => fixed
status: new => closed
rhbz: => 0
type: defect => task
Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.9.0 beta 6
to comment on this ticket.