diff --git a/libselinux.changes b/libselinux.changes
index 16f35a5..3da3a65 100644
--- a/libselinux.changes
+++ b/libselinux.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Apr  8 06:37:34 UTC 2010 - thomas@novell.com
+
+- selinux-ready: added functions for checking PAM config and
+                 policy boolean init_upstart 
+
 -------------------------------------------------------------------
 Wed Apr  7 13:26:59 UTC 2010 - thomas@novell.com
 
diff --git a/selinux-ready b/selinux-ready
index bdc24a1..2d639c6 100644
--- a/selinux-ready
+++ b/selinux-ready
@@ -97,6 +97,41 @@ check_mkinitrd()
 	fi
 }
 
+check_pam()
+{
+	AA_PAM=0
+	SE_PAM=0
+
+	# test for AA pam module
+	grep apparmor /etc/pam.d/* 2>&1 >/dev/null
+	FLG=$?
+	if [ $FLG == 0 ]; then
+		AA_PAM=1
+	fi
+
+	# test for SELinux pam module
+	grep selinux /etc/pam.d/* 2>&1 >/dev/null
+	FLG=$?
+	if [ $FLG == 0 ]; then
+		SE_PAM=1
+	fi
+
+	# suggest config
+	if [ $SE_PAM == 1 ] && [ $AA_PAM == 0 ]; then
+		printf "\tcheck_pam: OK. Your PAM configuration seems to be correct.\n"
+		return 0
+	fi
+		printf "\tcheck_pam: ERR. Your PAM configuration seems to be incorrect.\n"
+	if [ $AA_PAM == 1 ]; then
+		printf "             execute 'pam-config -d --apparmor' as root\n"
+	fi
+	if [ $SE_PAM == 0 ]; then
+		printf "             execute 'pam-config -a --selinux' as root\n"
+	fi
+
+	return 1
+}
+
 check_initupstart()
 {
 	CFGFILE="/etc/selinux/config"
@@ -175,6 +210,6 @@ check_mkinitrd
 check_packages
 check_config
 check_initupstart
+check_pam
 
 rm -rf $TD
-#echo $TD