Overovani vuci LDAP
Michal Kaspar
mkaspar na ksrzis.cz
Pondělí Březen 10 11:38:34 CET 2003
On Mon, Mar 10, 2003 at 11:05:33AM +0100, Pavel Lisy wrote:
> ----
> #%PAM-1.0
> # This file is auto-generated.
> # User changes will be destroyed the next time authconfig is run.
> auth required /lib/security/$ISA/pam_env.so
> auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
> auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
> auth required /lib/security/$ISA/pam_deny.so
>
> account required /lib/security/$ISA/pam_unix.so \
> account [default=bad success=ok user_unknown=ignore
> service_err=ignore system_err=ignore] /lib/security/$ISA/pam_ldap.so
>
> password required /lib/security/$ISA/pam_cracklib.so retry=3 \
> type=
> password sufficient /lib/security/$ISA/pam_unix.so nullok \
> use_authtok md5 shadow
> password sufficient /lib/security/$ISA/pam_ldap.so use_authtok
> password required /lib/security/$ISA/pam_deny.so
>
> session required /lib/security/$ISA/pam_limits.so
> session required /lib/security/$ISA/pam_unix.so
> session optional /lib/security/$ISA/pam_ldap.so
> ----
>
>
> [root na localhost]# cat su
> ----
> #%PAM-1.0
> auth sufficient /lib/security/$ISA/pam_rootok.so
> # Uncomment the following line to implicitly trust users in the "wheel"
> # group.
> #auth sufficient /lib/security/$ISA/pam_wheel.so trust use_uid
> # Uncomment the following line to require a user to be in the "wheel"
> # group.
> #auth required /lib/security/$ISA/pam_wheel.so use_uid
> auth required /lib/security/$ISA/pam_stack.so \
> service=system-auth
> account required /lib/security/$ISA/pam_stack.so \
> service=system-auth
> password required /lib/security/$ISA/pam_stack.so \
> service=system-auth
> session required /lib/security/$ISA/pam_stack.so \
> service=system-auth
> session optional /lib/security/$ISA/pam_xauth.so
> ----
>
> Coz mi jako laikovi pripada, ze je to v poradku.
Co se stane, když do pam.d/su pridate
> auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
?
--
Michal Kašpar
------------- další část ---------------
A non-text attachment was scrubbed...
Name: [žádný popis není k dispozici]
Type: application/pgp-signature
Size: 189 bytes
Desc: [žádný popis není k dispozici]
URL: <http://www.linux.cz/pipermail/linux/attachments/20030310/a015bdbc/attachment.sig>
Další informace o konferenci Linux