Package: auditd Version: 1:1.7.18-1.1 Severity: normal Hi,
According to pam_loginuid manpage, the module should only be loaded in "entry point applications", adding this to common-session and common-session-interactive will cause the module to be also used in no-login services (see #661745). Auditd should rely on logins services doing their job and calling pam_loginuid themself. >From pam_loginuid(8): The pam_loginuid module sets the loginuid process attribute for the process that was authenticated. This is necessary for applications to be correctly audited. This PAM module should only be used for entry point applications like: login, sshd, gdm, vsftpd, crond and atd. There are probably other entry point applications besides these. You should not use it for applications like sudo or su as that defeats the purpose by changing the loginuid to the account they just switched to. Cheers Laurent Bigonville -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_BE.utf8, LC_CTYPE=fr_BE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages auditd depends on: ii libaudit0 1:1.7.18-1.1 ii libc6 2.13-33 ii libgssapi-krb5-2 1.10.1+dfsg-1 ii libkrb5-3 1.10.1+dfsg-1 ii libpam-runtime 1.1.3-7.1 ii libwrap0 7.6.q-23 ii lsb-base 4.1+Debian6 auditd recommends no packages. Versions of packages auditd suggests: pn audispd-plugins <none> -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org