Hi Stephen, Yes , I am using open env_params for it. But for this, my sftp is not working and getting the below error message :
Dec 13 13:00:00 aman authpriv 3 sshd: pam_selinux(sshd:session): Unable to get valid context for sftpuser Dec 13 13:00:00 aman authpriv 6 sshd: pam_unix(sshd:session): session opened for user sftpuser by (uid=0) Please let me know if you have any idea on this. On Wed, Dec 13, 2017 at 8:54 PM, Stephen Smalley <[email protected]> wrote: > On Tue, 2017-12-12 at 23:47 -0500, Aman Sharma wrote: > > Hi All, > > > > just wanted to know the meaning of line session required > > pam_selinux.so open env_params added in /etc/pam.d/sshd file. > > Actually I am facing one issue related to this. When I changed this > > env_params to restore then my Sftp is not working. > > > > Can anybody Please guide me on this. > > man pam_selinux describes the options and what they mean. > Why did you change it to restore? Per the man page, restore is to > temporarily restore the contexts and would be a separate entry in the > PAM stack before the module that needs the original contexts, followed > by a pam_selinux.so open env_params after that module to set them up > again. But don't use restore unless you actually need it for some > reason. > > > > -- Thanks Aman Cell: +91 9990296404 | Email ID : [email protected]
