|
|
Sponsored Content
Top Forums
UNIX for Dummies Questions & Answers
CDE in Solaris
Post 28655 by DPAI on Sunday 22nd of September 2002 05:47:44 PM
09-22-2002
|
|
10 More Discussions You Might Find Interesting
1. Cybersecurity
I just installed Solaris 8 on an Intel based PC and am in the process of securing it. When I disable RPC my CDE desktop does not show up. I get my mouse cursor and a black screen. Also, anyone know how to disable SMC on Solaris 8.
Thanks (3 Replies)
Discussion started by: Beauford
3 Replies
2. UNIX for Advanced & Expert Users
Hi all,
I have a couple of doubts with Solaris CDE(i use 2.6)
1. Is it possible to customize my mouse pointer in the CDE environment? im wondering how i can change the mouse pointer, say to a different bitmap or something like that.?
2. Is it possible to use a jpeg as a backdrop?
Thanks... (5 Replies)
Discussion started by: kandanmv
5 Replies
3. UNIX for Dummies Questions & Answers
Help!
I performed a sys-unconfig as suggested in one of the other threads to set up IP on hme0. Unfortunately after all is said and done, it no longer boots to the CDE but sits at a command prompt. Any ideas (I don't know Unix). Thanks in advance!
Rob Cluett (3 Replies)
Discussion started by: cluettr
3 Replies
4. Solaris
Deard all, I installed Solaris 8 in a SUN machine, and after Solaris and Language modules installed, the result is that CDE is not working, also single user mode is only available.
I tried with all init stages and the same result.
Can someone advice me what to check (Some log file) or what to... (1 Reply)
Discussion started by: mmviejo
1 Replies
5. UNIX for Dummies Questions & Answers
Hi :
I installed solaris 10 on a sparc machine. now I get no cde desktop and do not know how to start it?
Any ideas would be appriciated.
Thanks
Alan (0 Replies)
Discussion started by: alanj4
0 Replies
6. Solaris
Hi,
How can I start CDE for non root user created.For root CDE is working fine but for non root user CDE exits back to login screen after trying for some time.Also I cant see .dt and .dtprofile files in the users home directory.How can I create them.Kindly help.
Thanks & Regards,
Kiran. (1 Reply)
Discussion started by: kiranherekar
1 Replies
7. Solaris
Hi All,
I have solaris 10 on X86 and I need to connect this through X-Manager or similar software.
I have googled a lot and tried the following :
root@sol10x86 # ps -ef |grep dtlogin
root 1825 4718 0 13:38:50 pts/1 0:00 grep dtlogin
root@sol10x86 # svcs cde-login
STATE ... (2 Replies)
Discussion started by: pintu_asim
2 Replies
8. Solaris
Hi,
I am facing some issues on Solaris 10 (SPARC 5.10 Generic_118833-36). The issue is when I try to connect/login through CDE it hangs (hangs at login screen). I tried connecting thourgh VNC client also but that also not helped. I had done no configuration change or modified any kernel... (2 Replies)
Discussion started by: kgupta
2 Replies
9. UNIX Desktop Questions & Answers
Hello,
Do you guys by any chance know what is the best (if any ) way to move CDE configuration from a SOLARIS 10 machine to HP-UX?
Just the config (actions, text files etc).
Thanks in advance! (0 Replies)
Discussion started by: binary0x01
0 Replies
10. Solaris
All,
I'm running Solaris 8 on a Sparcbook. One of my users, when logging in, defaults to Open Windows desktop rather than CDE. All other users get logged into CDE just fine. Is there a file or something that tells the system what default login is? I'm confused as to why it's just for this one... (4 Replies)
Discussion started by: leosmith78
4 Replies
LEARN ABOUT HPUX
pam.conf
pam.conf(4) Kernel Interfaces Manual pam.conf(4) NAME
pam.conf - configuration file for pluggable authentication modules SYNOPSIS
DESCRIPTION
is the configuration file for the Pluggable Authentication Module architecture, or PAM. A PAM module provides functionality for one or more of four possible services: authentication, account management, session management, and password management. An authentication service module provides functionality to authenticate a user and set up user credentials. An account management module provides functionality to determine if the current user's account is valid. This includes checking for password and account expiration, as well as verifying access hour restrictions. A session management module provides functionality to set up and terminate login sessions. A password management module provides functionality to change a user's authentication token or password. Simplified pam.conf configuration file The file contains a listing of services. Each service is paired with a corresponding service module. When a service is requested, its associated module is invoked. Each entry has the following format: service_name module_type control_flag module_path options Below is an example of the configuration file with support for authentication, account management, session management and password manage- ment modules. Note that the use of is mandatory for some of the services. For more information, see pam_hpsec(5). login auth required libpam_hpsec.so.1 debug login auth required libpam_unix.so.1 debug login session required libpam_hpsec.so.1 login session required libpam_unix.so.1 login account required libpam_hpsec.so.1 login account required libpam_unix.so.1 dtlogin auth required libpam_hpsec.so.1 dtlogin auth required libpam_unix.so.1 dtlogin session required libpam_hpsec.so.1 dtlogin session required libpam_unix.so.1 other auth required libpam_hpsec.so.1 other auth required libpam_unix.so.1 other account required libpam_hpsec.so.1 other account required libpam_unix.so.1 other session required libpam_hpsec.so.1 other session required libpam_unix.so.1 other password required libpam_hpsec.so.1 other password required libpam_unix.so.1 service_name The service_name denotes the service (for example, or The keyword, indicates the module all other applications which have not been specified should use. The keyword can also be used if all services of the same module_type have the same require- ments. In the example above, since all of the services use the same account management module, they could have been replaced by a single line. module_type module_type denotes the service module type: authentication (auth), account management (account), session management (ses- sion), or password management (password). control_flag The control_flag field determines the behavior of stacking, and will be discussed in more detail below. module_path The module_path field specifies the pathname to a shared library object which implements the service functionality. If the pathname is not absolute, it is assumed to be relative to The (i.e Instruction Set Architecture) token is replaced by the PAM engine (libpam) with for Itanium-based 32-bit modules, with null for PA-RISC 32-bit modules, with for Itanium-based 64-bit modules, or with for PA-RISC 64-bit modules. To accommodate backward compatibility to PA-RISC library naming conven- tion, appropriate links are provided in and Example: If a user-defined module is specified in or the above convention must be followed to create symbolic links pointing to PA-RISC modules. To help reduce the impact of any future file format changes, the only supported way of parsing is through the PAM library interfaces. These interfaces will transparently do any necessary expansion of reserved tokens, such as options The options field is used by the PAM framework layer to pass module-specific options to the modules. It is up to the module to parse and interpret the options. This field can be used by the modules to turn on debugging or to pass any module spe- cific parameters such as a value. It can also be used to support unified login. The options supported by the modules are documented in their respective manual pages. For example, pam_unix(5) lists the options accepted by the UNIX module. Integrating Multiple Authentication Services With Stacking When a service_name of the same module_type is defined more than once, the service is said to be stacked. Each module referenced in the module_path for that service is then processed in the order that it occurs in the configuration file. The control_flag field specifies the continuation and failure semantics of the modules, and may contain one of the following values: If the service module returns success, record the success and continue to process the PAM stack. If a failure is returned, and it is the first optional module failure, save the failure code as an optional failure. Continue to process the PAM stack. If the service module returns success, record the success and continue to process the PAM stack. If a failure is returned, and it is the first required failure, save the failure code as a required failure. Continue to process the PAM stack. If the service module returns success, record the success and continue to process the PAM stack. If a failure is returned, immediately return the first non-optional failure value recorded, without calling any subsequent modules. In other words, record this failure, unless a previous required service module failed. If a previous required service module failed, return the first of those values. If the service module returns success and no preceding required modules returned failures, immediately return success without calling any subsequent modules. If a failure is returned, treat the failure as an optional module failure, and continue to process the PAM stack. If no module fails and no module succeeds, the PAM stack runs to completion. In this case success is returned, providing no module failed and at least one or module succeeded. If no module succeeded and a module failed, the first of those errors is returned. If all modules return a default error based on module type is returned. If any entry in is incorrect, or if a module does not exist or cannot be opened, then all PAM services fail and users are not be permitted access to the system. An error will be logged through syslog(3C) at the level, and the PAM framework returns error to the application. Below is a sample configuration file that stacks the and services. login auth required libpam_hpsec.so.1 debug login auth required libpam_unix.so.1 debug login auth optional libpam_inhouse.so.1 dtlogin auth required libpam_hpsec.so.1 debug dtlogin auth sufficient libpam_unix.so.1 debug dtlogin auth required libpam_inhouse.so.1 In the case of the user is authenticated by the the UNIX, and inhouse authentication modules. The keyword for control_flag requires that the user be allowed to login only if the user is authenticated by the and the UNIX service modules. The inhouse authentication is optional by virtue of the keyword in the control_flag field. The user can still log in even if inhouse authentication fails, as long as and UNIX both successfully authenticate the user. In the case of the keyword for control_flag specifies that if the UNIX authentication check succeeds, then PAM should return success to The inhouse authentication module (the next module in the stack) will only be invoked if the UNIX authentication check fails. Configuration Per User contains information to configure all the users on a system. But sometimes it is necessary to configure user by user. A user policy defi- nition is made through a specific module named This module reads a file named which describes the user's configurations. Below is a sample configuration file that uses the module login auth required libpam_hpsec.so.1 login auth required libpam_updbe.so.1 login auth required libpam_unix.so.1 su auth required libpam_hpsec.so.1 su auth required libpam_updbe.so.1 su auth required libpam_unix.so.1 OTHER auth required libpam_hpsec.so.1 OTHER auth required libpam_unix.so.1 login password required libpam_hpsec.so.1 login password required libpam_updbe.so.1 login password required libpam_unix.so.1 passwd password required libpam_hpsec.so.1 passwd password required libpam_updbe.so.1 passwd password required libpam_unix.so.1 OTHER password required libpam_hpsec.so.1 OTHER password required libpam_unix.so.1 The module searches the configuration file and reads the configuration associated with the login name of the current user. If there is no configuration concerning the current user in the file, the PAM framework ignores the line containing applies for those users who are not configured in Notes If an error is found in an entry due to invalid service_name, module_type, or control_flag, then the entry is ignored. If there are no valid entries for the given module_type, the PAM framework returns an error to the application. EXAMPLES
The following is a sample configuration file. Lines that begin with the symbol are treated as comments, and therefore ignored. # # PAM configuration # # Authentication management for login service is stacked. # Both UNIX and inhouse authentication functions are invoked, # in addition to hpsec authentication functions. login auth required libpam_hpsec.so.1 login auth required libpam_unix.so.1 login auth required libpam_inhouse.so.1 try_first_pass dtlogin auth required libpam_hpsec.so.1 dtlogin auth required libpam_unix.so.1 dtlogin auth required libpam_inhouse.so.1 try_first_pass # # Other services use hpsec and UNIX authentication other auth required libpam_hpsec.so.1 other auth required libpam_unix.so.1 # # Account management for login service is stacked. # hpsec and UNIX account management are required; # inhouse account management is optional login account required libpam_hpsec.so.1 login account required libpam_unix.so.1 login account optional libpam_inhouse.so.1 dtlogin account required libpam_hpsec.so.1 dtlogin account required libpam_unix.so.1 dtlogin account optional libpam_inhouse.so.1 # # Other services use hpsec and UNIX account management other account required libpam_hpsec.so.1 other account required libpam_unix.so.1 # # Session management for login service is stacked. # hpsec and UNIX account management are required; login session required libpam_hpsec.so.1 login session required libpam_unix.so.1 dtlogin session required libpam_hpsec.so.1 dtlogin session required libpam_unix.so.1 # # Other services use hpsec and UNIX session management other session required libpam_hpsec.so.1 other session required libpam_unix.so.1 # # Password management other password required libpam_hpsec.so.1 other password required libpam_unix.so.1 The following is a sample configuration which uses the module to configure a user. Lines that begin with the symbol are treated as com- ments, and therefore ignored. # # PAM configuration # # Authentication management for login service is stacked. # Both UNIX and inhouse authentication functions are invoked, # in addition to hpsec authentication functions. login auth required libpam_hpsec.so.1 login auth required libpam_updbe.so.1 login auth required libpam_unix.so.1 login auth required libpam_inhouse.so.1 try_first_pass dtlogin auth required libpam_hpsec.so.1 dtlogin auth required libpam_updbe.so.1 dtlogin auth required libpam_unix.so.1 dtlogin auth required libpam_inhouse.so.1 try_first_pass # # Other services use hpsec and UNIX authentication other auth required pam_hpsec.so.1 other auth required pam_unix.so.1 # # Account management for login service is stacked. # hpsec and UNIX account management are required; # inhouse account management is optional login account required libpam_hpsec.so.1 login account required libpam_unix.so.1 login account optional libpam_inhouse.so.1 dtlogin account required libpam_hpsec.so.1 dtlogin account required libpam_unix.so.1 dtlogin account optional libpam_inhouse.so.1 other account required libpam_hpsec.so.1 other account required libpam_unix.so.1 # # Session management for login service is stacked. # hpsec and UNIX account management are required login session required libpam_hpsec.so.1 login session required libpam_unix.so.1 login session optional libpam_inhouse.so.1 dtlogin session required libpam_hpsec.so.1 dtlogin session required libpam_unix.so.1 dtlogin session optional libpam_inhouse.so.1 # # Other services use hpsec and UNIX session management other session required libpam_hpsec.so.1 other session required libpam_unix.so.1 # # Password management passwd password required libpam_hpsec.so.1 passwd password required libpam_updbe.so.1 passwd password required libpam_unix.so.1 other password required libpam_hpsec.so.1 other password required libpam_unix.so.1 Utilities and Files A list of utilities that are known to use PAM includes: and The PAM configuration file does not dictate either the name or the location of the service specific modules. The convention, however, is the following: Implements various functions of specific authentication services. Configuration file. Implements the 32-bit PAM framework library on Itanium-based systems. Implements the 64-bit PAM framework library on Itanium-based systems. Implements the 32-bit PAM framework library on PA-RISC. Implements the 64-bit PAM framework library on PA-RISC. SEE ALSO
dtlogin(1), login(1), passwd(1), su(1), pam(3), pam_hpsec(5). pam.conf(4)