06-25-2005
That should work. Do you have any nonstandard PAM modules installed?
Was BSM (basic security module) enabled?
10 More Discussions You Might Find Interesting
1. Solaris
Hello
I want to set the password for user never expire through the command line. For your information the box is running under Solaris 8 platform. (2 Replies)
Discussion started by: shamsul
2 Replies
2. UNIX for Dummies Questions & Answers
If we have it so users accounts need a new password after 90 days is there a way to also say that after 90 days they need to use a new password and not let them use the same one twice? (2 Replies)
Discussion started by: LordJezo
2 Replies
3. Solaris
I have installed Solaris 10 x86 in VMware 5.5.I logged in as root user and trying to create new user and also reset the password for existing user, i am getting "Permission Denied Error". I checked the /etc/shadow file, looks fine permission is 400. Earlier i was able to do it but suddenly it... (2 Replies)
Discussion started by: khagendra
2 Replies
4. Red Hat
Hi All,
Is this true on chage command?
-M, MAX_DAYS
Passing the number -1 as MAX_DAYS will remove checking a password's validity.
Does this means password will not expire anymore?
Thanks for any comment you may add. (0 Replies)
Discussion started by: itik
0 Replies
5. Solaris
Hi Everyone, my name`s Sergio.
I need your help please. I have a problem using Solaris 9. I create an account with the command line "useradd", with this I have no problem.
My problem is I need set the created account to NP (No Password or Non Login). For example:
cat /etc/shadow
... (2 Replies)
Discussion started by: roswell
2 Replies
6. Solaris
hi everybody
i cant set password for user (jam)
i tried to
#passwd jam
enter newpasswd :
after enter it showing
passwd : cannot get default domain:internal yp server or client error
i also check cat /etc/shadow file
jam:*:LK*:........
user is locked ... and i... (4 Replies)
Discussion started by: coolboys
4 Replies
7. Shell Programming and Scripting
okay here I go again...
I have created a script which adds new user to /etc/password and which inturn creating a locked password in /etc/shadow but I am expecting to have *NP* for that particular user.Can someone help me with a script which can set the password for a particular user to NP in... (1 Reply)
Discussion started by: sintilash
1 Replies
8. Shell Programming and Scripting
A situation where i need to create 10 directories and set its 10 passwords.
Since each of the directories contents would be critical, only few users need to access. :wall:
I need to write a script so that it creates 10 directories in no time.
So, how can i explicitly set a password to a... (1 Reply)
Discussion started by: Manjunath B
1 Replies
9. Shell Programming and Scripting
Hi,
I am unable to set the password remotely. I am using the script as below:
ep=`echo "$p" | /usr/lbin/makekey`
ssh -t $i "/usr/local/bin/sudo useradd -c "$user_c" -m -d /home/$user_id -s /bin/ksh $user_id; /usr/local/bin/sudo /usr/sam/lbin/usermod.sam -F -p $ep $user_id"
The... (0 Replies)
Discussion started by: Kits
0 Replies
10. Solaris
I have a Solaris-10 non global zone, on which I am not able to reset password, while counts are matching in /etc/passwd and /etc/shadow. I tried searching its solution in various forums, but nothing is working
# id -a oemagent
uid=56605(oemagent) gid=56595(tess) groups=56595(tess)
# passwd -s... (2 Replies)
Discussion started by: solaris_1977
2 Replies
LEARN ABOUT DEBIAN
pam_selinux
PAM_SELINUX(8) Linux-PAM Manual PAM_SELINUX(8)
NAME
pam_selinux - PAM module to set the default security context
SYNOPSIS
pam_selinux.so [close] [debug] [open] [nottys] [verbose] [select_context] [env_params] [use_current_range]
DESCRIPTION
In a nutshell, pam_selinux sets up the default security context for the next execed shell.
When an application opens a session using pam_selinux, the shell that gets executed will be run in the default security context, or if the
user chooses and the pam file allows the selected security context. Also the controlling tty will have it's security context modified to
match the users.
Adding pam_selinux into a pam file could cause other pam modules to change their behavior if the exec another application. The close and
open option help mitigate this problem. close option will only cause the close portion of the pam_selinux to execute, and open will only
cause the open portion to run. You can add pam_selinux to the config file twice. Add the pam_selinux close as the executes the open pass
through the modules, pam_selinux open_session will happen last. When PAM executes the close pass through the modules pam_selinux
close_session will happen first.
OPTIONS
close
Only execute the close_session portion of the module.
debug
Turns on debugging via syslog(3).
open
Only execute the open_session portion of the module.
nottys
Do not try to setup the ttys security context.
verbose
attempt to inform the user when security context is set.
select_context
Attempt to ask the user for a custom security context role. If MLS is on ask also for sensitivity level.
env_params
Attempt to obtain a custom security context role from PAM environment. If MLS is on obtain also sensitivity level. This option and the
select_context option are mutually exclusive. The respective PAM environment variables are SELINUX_ROLE_REQUESTED,
SELINUX_LEVEL_REQUESTED, and SELINUX_USE_CURRENT_RANGE. The first two variables are self describing and the last one if set to 1 makes
the PAM module behave as if the use_current_range was specified on the command line of the module.
use_current_range
Use the sensitivity level of the current process for the user context instead of the default level. Also suppresses asking of the
sensitivity level from the user or obtaining it from PAM environment.
MODULE TYPES PROVIDED
Only the session module type is provided.
RETURN VALUES
PAM_AUTH_ERR
Unable to get or set a valid context.
PAM_SUCCESS
The security context was set successfully.
PAM_USER_UNKNOWN
The user is not known to the system.
EXAMPLES
auth required pam_unix.so
session required pam_permit.so
session optional pam_selinux.so
SEE ALSO
pam.conf(5), pam.d(5), pam(7)
AUTHOR
pam_selinux was written by Dan Walsh <dwalsh@redhat.com>.
Linux-PAM Manual 08/31/2010 PAM_SELINUX(8)