12-02-2010
locked out of RHEL 4 system
Hi,
I modified file /etc/pam.d/system-auth, to include "dcredit=-1 lcredit=-1 ucredit=-1"
Now no one can login in. I still have an open session...but I cant even su to another account.
I restored the file to the original, but still, no one can login in!
Any help very appreciated!
I get these messages in /etc/log/secure
Dec 2 13:17:54 xxxx xinetd[4716]: START: pblocald pid=6930 from=x.x.x.x
Dec 2 13:18:06 xxxx sshd[6933]: Accepted password for xxxx from ::ffff:x.x.x.x port 2317 ssh2
Dec 2 13:18:06 xxxx sshd[6933]: fatal: PAM: pam_open_session(): Permission denied
8 More Discussions You Might Find Interesting
1. Red Hat
Hi,
After a reboot, One of My Proliant Machine DL380 could not load the O/S.
Raid 1+0 was configured.
Some Gathered Facts:
During Boot from System Rescue, the following message appears
"You don't have any linux partitions.Press return to get a shell. The system will reboot... (1 Reply)
Discussion started by: Muhammad Ahmad
1 Replies
2. UNIX for Advanced & Expert Users
Hi,
Could somebody sent me sample output of below commands on
1) Debian linux and 2) RHEL3 and 3) any RHEL version less than 3,
a) uname -a
b) cat /etc/issue
c) cat /etc/redhat-release or other equivalent file
Thanks in advance
- Krishna (0 Replies)
Discussion started by: krishnamurthig
0 Replies
3. Red Hat
I have a RHEL 5.2 server that I need to connect a new HP Laserjet p2035n networked printer. I can not install the latest version of 'hplip' since it generates an error (missing lib....) Does anyone know where I can find a PPD file for CUPS?
Or can anyone tell how to remove the double blank... (1 Reply)
Discussion started by: uxlunatick
1 Replies
4. Solaris
Hi Everyone,
I have a machine where RHEL(Red Hat Enterprise Linux) is installed and few of our products are saved on the same.
Our products work only on sparc 6 + and i want to basically asve the products on the machine which has RHEL installed on it and mount the drive on the sun server and... (2 Replies)
Discussion started by: sankasu
2 Replies
5. Solaris
Hi Guys.
This is part of my filesystem structure :
Filesystem size used avail capacity Mounted on
/dev/md/dsk/d0 47G 5.2G 42G 12% /
/devices 0K 0K 0K 0% /devices
ctfs 0K 0K 0K 0% ... (2 Replies)
Discussion started by: aggadtech08
2 Replies
6. Red Hat
Hi,
I heard a command that can collect all RHEL 5 log in a single compress file before I forget.
Does any body know...What the command is ?
Thanks. (4 Replies)
Discussion started by: nnnnnnine
4 Replies
7. Red Hat
Hi all,
Im studying rhcsa as of now, so yum installation and dependencies are messing me to not workit out.
i have dual os, win 7 & rhel 6.
i have tried this installation of vsftpd package with rhel 6 dvd in VM rhel 6 in win 7 as well as host rhel 6.still the same issue.
below error... (6 Replies)
Discussion started by: redhatlbug
6 Replies
8. Red Hat
I have 2 RHEL 5.9 system where customized applications are running.
These 2 servers are with in a network (LAN) with each other.One application in say Server 1 can talk to another application in server 2 and vice versa.
The applications are exchanging data among each other.
Recently I am... (0 Replies)
Discussion started by: Anjan Ganguly
0 Replies
LEARN ABOUT CENTOS
system-auth-ac
SYSTEM-AUTH-AC(5) File Formats Manual SYSTEM-AUTH-AC(5)
NAME
system-auth-ac, password-auth-ac, smartcard-auth-ac, fingerprint-auth-ac, postlogin-ac - Common configuration files for PAMified services
written by authconfig(8)
SYNOPSIS
/etc/pam.d/system-auth-ac
DESCRIPTION
The purpose of this configuration file is to provide common configuration file for all applications and service daemons calling PAM
library.
The system-auth configuration file is included from all individual service configuration files with the help of the include directive. When
authconfig(8) writes the system PAM configuration file it replaces the default system-auth file with a symlink pointing to system-auth-ac
and writes the configuration to this file. The symlink is not changed on subsequent configuration changes even if it points elsewhere. This
allows system administrators to override the configuration written by authconfig.
The authconfig now writes the authentication modules also into additional PAM configuration files /etc/pam.d/password-auth-ac,
/etc/pam.d/smartcard-auth-ac, and /etc/pam.d/fingerprint-auth-ac. These configuration files contain only modules which perform authentica-
tion with the respective kinds of authentication tokens. For example /etc/pam.d/smartcard-auth[-ac] will not contain pam_unix and pam_ldap
modules and /etc/pam.d/password-auth[-ac] will not contain pam_pkcs11 and pam_fprintd modules.
The file /etc/pam.d/postlogin-ac contains common services to be invoked after login. An example can be a module that encrypts an user's
filesystem or user's keyring and is decrypted by his password.
The PAM configuration files of services which are accessed by remote connections such as sshd or ftpd now include the /etc/pam.d/password-
auth configuration file instead of /etc/pam.d/system-auth.
EXAMPLE
Configure system to use pam_tally2 for configuration of maximum number of failed logins. Also call pam_access to verify if access is
allowed.
Make system-auth symlink point to system-auth-local which contains:
auth requisite pam_access.so
auth requisite pam_tally2.so deny=3 lock_time=30
unlock_time=3600
auth include system-auth-ac
account required pam_tally2.so
account include system-auth-ac
password include system-auth-ac
session include system-auth-ac
BUGS
None known.
SEE ALSO
authconfig(8), authconfig-gtk(8), pam(8), system-auth(5)
Red Hat, Inc. 2010 March 31 SYSTEM-AUTH-AC(5)