Chapter 6. Enabling Console Access

Some applications, such as Log Viewer and other applications in the Configuration Tools Project, need root privileges to run. To prompt the user for the root password, configure the correct PAM files to use consolehelper. This example uses the program redhat-logviewer; replace it with the name of your program.

  1. At a shell prompt, change to the /usr/bin/ directory, and make a symbolic link from the name of the application to /usr/bin/consolehelper. For example:

    ln -s consolehelper redhat-logviewer
    
  2. As root, create the file /etc/security/console.apps/app-name, such as /etc/security/console.apps/redhat-logviewer, with the following lines:

    USER=root
    PROGRAM=/usr/share/redhat-logviewer/redhat-logviewer.py
    SESSION=true
    
  3. Create the PAM configuration file /etc/pam.d/redhat-logviewer with the following lines:

    #%PAM-1.0
    auth       sufficient   /lib/security/pam_rootok.so
    auth       sufficient   /lib/security/pam_timestamp.so
    auth       required     /lib/security/pam_stack.so service=system-auth
    session    required     /lib/security/pam_permit.so
    session    optional     /lib/security/pam_xauth.so
    session    optional     /lib/security/pam_timestamp.so
    account    required     /lib/security/pam_permit.so
    

When a user executes the command redhat-logviewer, it calls consolehelper, which in turn calls userhelper to authenticate the user with PAM. If the user enters the correct root password, the user is authenticated, and authentication is remembered for the user on the same tty for five minutes.

When using Make to install the package and when configuring the files to build the RPM package, make sure these files are installed in the correct location: create the /etc/security/console.apps/redhat-logviewer file as redhat-logviewer.console and the /etc/pam.d/redhat-logviewer file as redhat-logviewer.pam. In the Makefile, add the following variable declarations:

    PAMD_DIR        =    /etc/pam.d
    SECURITY_DIR    =    /etc/security/console.apps
    PKGNAME         =    redhat-logviewer

In the install section of the Makefile, add the following lines:

    install ${PKGNAME}.pam $(INSTROOT)$(PAMD_DIR)/${PKGNAME}
    install ${PKGNAME}.console $(INSTROOT)$(SECURITY_DIR)/${PKGNAME}

Finally, in the redhat-logviewer.spec file, add the following lines under the %files section so that the files are installed with the RPM and are in the file list for the package:

    %attr(0644,root,root) %config(noreplace) /etc/security/console.apps/%{name}
    %attr(0644,root,root) %config(noreplace) /etc/pam.d/%{name}
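
The following check is an added example, not part of the original guide or of the Configuration Tools Project. It verifies the three pieces set up in steps 1 to 3 and flags file modes looser than the 0644 given in the spec file. The function name check_console_app and its ROOT argument are assumptions made for this example; ROOT lets the check run against a staging directory such as $(INSTROOT) before packaging.

```shell
#!/bin/sh
# Usage: check_console_app ROOT APP
#   ROOT is "" on a live system or a staging directory (assumed layout).
# Ownership is not checked, since a staging tree may be built as non-root.

check_console_app() {
    root=$1; app=$2; rc=0
    link="$root/usr/bin/$app"
    capp="$root/etc/security/console.apps/$app"
    pamf="$root/etc/pam.d/$app"

    # Step 1: /usr/bin/APP must be a symlink to consolehelper.
    if [ -L "$link" ]; then
        case $(readlink "$link") in
            consolehelper|/usr/bin/consolehelper) ;;
            *) echo "FAIL: $link does not point to consolehelper"; rc=1 ;;
        esac
    else
        echo "FAIL: $link is not a symbolic link"; rc=1
    fi

    # Step 2: the console.apps file must set USER, PROGRAM and SESSION.
    if [ -f "$capp" ]; then
        for key in USER PROGRAM SESSION; do
            grep -q "^$key=" "$capp" ||
                { echo "FAIL: $capp has no $key= line"; rc=1; }
        done
    else
        echo "FAIL: $capp is missing"; rc=1
    fi

    # Step 3: the PAM file must exist and carry at least one auth rule.
    if [ -f "$pamf" ]; then
        grep -q '^auth[[:space:]]' "$pamf" ||
            { echo "FAIL: $pamf has no auth rule"; rc=1; }
    else
        echo "FAIL: $pamf is missing"; rc=1
    fi

    # Both files ship as 0644 in the spec file; flag group/world write bits.
    for f in "$capp" "$pamf"; do
        [ -f "$f" ] || continue
        [ -z "$(find "$f" \( -perm -020 -o -perm -002 \) -print)" ] ||
            { echo "FAIL: $f is group- or world-writable"; rc=1; }
    done
    return $rc
}
```

On an installed system, call it as `check_console_app "" redhat-logviewer`; it prints one FAIL line per problem and returns non-zero if any were found.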

Last modified: 2005/12/06 19:37:03