> Instead, you should check if someone has written a PAM 'session' > module which could do this. (There's one for mount namespaces.) If > not, one should be easy to write, and it'll protect *all* login > methods. I just found pam_netns <http://pam-netns.sourceforge.net> and will follow that path. Thanks for your hint! Yarny