Maybe I should read what I copy and paste to it's full length. I do not know other means they talk about or at least did not try any out - maybe another member of the forum can give you the answer or you just try out yourself some available to you.
Maybe using PAM and bypassing normal Unix login methods, idk.
To check the maximal value of a gid, I guess you take a look into your distributions header files in /usr/include (I checked on a Debian Linux):
I am not totally sure but I think that is what defines the max for the gid in the system. On a 32-bit system this would 2^32-1 ie. 4294967295 afaik.
Just out of curiosity - why do you need to know that?
Hi,
I want to append password into /etc/shadow file using a shell script.
My below script does add the users to both /etc/passwd and /etc/shadow but how can I add the hordcoded passwords to /etc/shadow file can some one help me ?
# To add the groups into /etc/group file
for a_user... (5 Replies)
hi,
I had to reset a lost root password by editing the /etc/passwd and /etc/shadow files ( this is a xen vm file, so i mounted and chrooted the file )
after the reboot with an empty password on root , i have set a new password with passwd but
it only changed the /etc/passwd file.... (0 Replies)
Hi Solaris's expert
I need to change user password on Solaris10 2 servers.
With the same password I can change it just only one.
Try to check everything but not found difference??
password pattern: abcdeFgh9Jk
server1 check all characters but server2 check only first 8 characters.Why??... (10 Replies)
Hi,
I am running NIS server on redhat linux 5 and I want to implement password restrictions for the yppasswd, how can I do it.Please help me.
I can implement password restriction for passwd by configuring /etc/pam.d/system-auth and setting crack_lib.so but I don't know how to implent the same... (3 Replies)
hi folk,
i try to setup a new password policy for our solaris box user, below are the /etc/default/passwd/, but then when i tried to create a user, it didn't ask for numeric character, and the new password also didn't ask for special characters.
# useradd testing
# passwd testing
New... (7 Replies)
On SPARC Solaris 10. I set the app account so it's expired. I also want it
so not required to change password at first login, I can do this by
removing the numbers after the password in /etc/shadow.
example using user1
The /etc/shadow file looks like this:
user1:kOmcVXAImRTAY:0::::90::
... (8 Replies)
i have an application that uses the encrypted password that's in the /etc/shadow file.
i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios.
this application allowed that... (5 Replies)
Hello Team,
I am using Lubuntu & have DRBL remote boot setup with open Ldap authentication. Currently there is no password expire policy. I want to set Password Policy so that user's password will expire after a month & they will get prompt to change their password.
Using PAM we can do it,... (1 Reply)
I need help. I have set a password policy. But I want to dis allow setting user name as password.
My policy is as below...
min length =8
min diff=2
min alpha=2
max repeats=2
dictionary= /usr/share/dict/words
Still user can set his username as password (i.e. Jackie1234).
Code tags for... (11 Replies)
Discussion started by: powerAIX
11 Replies
LEARN ABOUT DEBIAN
pure-authd
pure-authd(8) Pure-FTPd pure-authd(8)NAME
pure-authd - External authentication agent for Pure-FTPd.
SYNTAX
pure-authd [-p </path/to/pidfile>] [-u uid] [-g gid] [-B] <-s /path/to/socket> -r /program/to/run
DESCRIPTION
pure-authd is a daemon that forks an authentication program, waits for an authentication reply, and feed them to an application server.
pure-authd listens to a local Unix socket. A new connection to that socket should feed pure-authd the following structure :
account:xxx
password:xxx
localhost:xxx
localport:xxx
peer:xxx
end
(replace xxx with appropriate values) . localhost, localport and peer are numeric IP addresses and ports. peer is the IP address of the
remote client.
These arguments are passed to the authentication program, as environment variables :
AUTHD_ACCOUNT
AUTHD_PASSWORD
AUTHD_LOCAL_IP
AUTHD_LOCAL_PORT
AUTHD_REMOTE_IP
AUTHD_ENCRYPTED
The authentication program should take appropriate actions to fetch account info according to these arguments, and reply to the standard
output a structure like the following one :
auth_ok:1
uid:42
gid:21
dir:/home/j
end
auth_ok:xxx
If xxx is 0, the user was not found (the next authentication method passed to pure-ftpd will be tried) . If xxx is -1, the user was
found, but there was a fatal authentication error : user is root, password is wrong, account has expired, etc (next authentication
methods will not be tried) . If xxx is 1, the user was found and successfully authenticated.
uid:xxx
The system uid to be assigned to that user. Must be > 0.
gid:xxx
The primary system gid. Must be > 0.
dir:xxx
The absolute path to the home directory. Can contain /./ for a chroot jail.
slow_tilde_expansion:xxx (optional, default is 1)
When the command 'cd ~user' is issued, it's handy to go to that user's home directory, as expected in a shell environment. But
fetching account info can be an expensive operation for non-system accounts. If xxx is 0, 'cd ~user' will expand to the system user
home directory. If xxx is 1, 'cd ~user' won't expand. You should use 1 in most cases with external authentication, when your FTP
users don't match system users. You can also set xxx to 1 if you're using slow nss_* system authentication modules.
throttling_bandwidth_ul:xxx (optional)
The allocated bandwidth for uploads, in bytes per second.
throttling_bandwidth_dl:xxx (optional)
The allocated bandwidth for downloads, in bytes per second.
user_quota_size:xxx (optional)
The maximal total size for this account, in bytes.
user_quota_files:xxx (optional)
The maximal number of files for this account.
ratio_upload:xxx (optional)
radio_download:xxx (optional)
The user must match a ratio_upload:ratio_download ratio.
Only one authentication program is forked at a time. It must return quickly.
OPTIONS -u <uid>
Have the daemon run with that uid.
-g <gid>
Have the daemon run with that gid.
-B Fork in background (daemonization).
-s </path/to/socket>
Set the full path to the local Unix socket.
-R </path/to/program>
Set the full path to the authentication program.
-h Output help information and exit.
EXAMPLES
To run this program the standard way type:
pure-authd -s /var/run/ftpd.sock -r /usr/bin/my-auth-program &
pure-ftpd -lextauth:/var/run/ftpd.sock &
/usr/bin/my-auth-program can be as simple as :
#! /bin/sh
echo 'auth_ok:1'
echo 'uid:42'
echo 'gid:21'
echo 'dir:/home/j'
echo 'end'
AUTHORS
Frank DENIS <j at pureftpd dot org>
SEE ALSO ftp(1), pure-ftpd(8)pure-ftpwho(8)pure-mrtginfo(8)pure-uploadscript(8)pure-statsdecode(8)pure-pw(8)pure-quotacheck(8)pure-authd(8)
RFC 959, RFC 2389, RFC 2228 and RFC 2428.
Pure-FTPd team 1.0.36 pure-authd(8)