10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi guys, does anybody know how to set/create read-only environment variable inside PAM module? I've written my own pam authentication module and I'd need to pass some information to user application started by user after user has been logged to the system and user should not be allowed to change... (0 Replies)
Discussion started by: gonzales01
0 Replies
2. Red Hat
Hello,
I'm now analysing the working of PAM.
PAM works with config-files, that you can find under the directory /etc/pam.d.
One of those config.-files is the file: login.conf.
------------------------------------------------------------------------------------------------------
#... (0 Replies)
Discussion started by: caroline
0 Replies
3. Solaris
Pam Module sending a cannot get password enry after certain period in /var/adm/message.
pam_login_limit(auth): Cannot get Password entry for user 'dbsnmp'
What is dbsnmp? Also if account is locked does pam module checks for this locked account at regular interval and keeps on posting... (2 Replies)
Discussion started by: student2009
2 Replies
4. IP Networking
Hi All,
I need to develop a kernel module which changes the IP address of a package according to its mac address. It would be a sort of L2 Nat.
Somebody know if I can do this using netfilter??
Thanks. (2 Replies)
Discussion started by: lagigliaivan
2 Replies
5. Linux
Hi all,
I am working on USB data monitoring on Fedora Core 9. Kernel 2.6.25 has a built-in module (the one that isn't loadable, but compiles and links statically with the kernel during compilation) to snoop USB data. It is in <kernel_source_code>/drivers/usb/mon/.
I need to know if I can... (0 Replies)
Discussion started by: anitemp
0 Replies
6. Solaris
Hello Group,
I'm facing Problem with the configuration of "***pam_radius_auth.so.1***" module to be integrated with Freeradius and Funk Steel Belted Radius. Both this radius servers are able to make "Access-Accept" packet. But the SSH or Telnet client is not able to login to the system with the... (0 Replies)
Discussion started by: ImpeccableCode
0 Replies
7. Solaris
quick question about PAM module. Here may pam.conf file. How do I verify that pam modules work correctly? Does it mean when it run cron job, it checks the pam module for authentication? Thanks in advance.
#
passwd auth required pam_passwd_auth.so.1
#
# cron service (explicit... (0 Replies)
Discussion started by: mokkan
0 Replies
8. Solaris
Does anyone know how to create a custom pam module for modifying the login authentication procedure? (1 Reply)
Discussion started by: mhm4
1 Replies
9. UNIX for Dummies Questions & Answers
my host run on a Free bsd server and i have a cgi script that requires LWP module, but i my host say that that module is installed, so i would like to know if the is a command because i have telnet access to know if the module or which modules are installed on my account (itīs that the script donīt... (4 Replies)
Discussion started by: Beto
4 Replies
10. UNIX for Dummies Questions & Answers
Ok..i've installed Apache 1.3.14, and it runs... BUT...I can't figure out how to get the php-4.0.4 module to run, and i've read through the install file and EVERYTYHING, aafter about 10 attempts I pissed myself off enough to goto sleep...Can anyone suggest a place to look for a lil bit more help?... (10 Replies)
Discussion started by: ComTec
10 Replies
SYSTEM-AUTH-AC(5) File Formats Manual SYSTEM-AUTH-AC(5)
NAME
system-auth-ac, password-auth-ac, smartcard-auth-ac, fingerprint-auth-ac, postlogin-ac - Common configuration files for PAMified services
written by authconfig(8)
SYNOPSIS
/etc/pam.d/system-auth-ac
DESCRIPTION
The purpose of this configuration file is to provide common configuration file for all applications and service daemons calling PAM
library.
The system-auth configuration file is included from all individual service configuration files with the help of the include directive. When
authconfig(8) writes the system PAM configuration file it replaces the default system-auth file with a symlink pointing to system-auth-ac
and writes the configuration to this file. The symlink is not changed on subsequent configuration changes even if it points elsewhere. This
allows system administrators to override the configuration written by authconfig.
The authconfig now writes the authentication modules also into additional PAM configuration files /etc/pam.d/password-auth-ac,
/etc/pam.d/smartcard-auth-ac, and /etc/pam.d/fingerprint-auth-ac. These configuration files contain only modules which perform authentica-
tion with the respective kinds of authentication tokens. For example /etc/pam.d/smartcard-auth[-ac] will not contain pam_unix and pam_ldap
modules and /etc/pam.d/password-auth[-ac] will not contain pam_pkcs11 and pam_fprintd modules.
The file /etc/pam.d/postlogin-ac contains common services to be invoked after login. An example can be a module that encrypts an user's
filesystem or user's keyring and is decrypted by his password.
The PAM configuration files of services which are accessed by remote connections such as sshd or ftpd now include the /etc/pam.d/password-
auth configuration file instead of /etc/pam.d/system-auth.
EXAMPLE
Configure system to use pam_tally2 for configuration of maximum number of failed logins. Also call pam_access to verify if access is
allowed.
Make system-auth symlink point to system-auth-local which contains:
auth requisite pam_access.so
auth requisite pam_tally2.so deny=3 lock_time=30
unlock_time=3600
auth include system-auth-ac
account required pam_tally2.so
account include system-auth-ac
password include system-auth-ac
session include system-auth-ac
BUGS
None known.
SEE ALSO
authconfig(8), authconfig-gtk(8), pam(8), system-auth(5)
Red Hat, Inc. 2010 March 31 SYSTEM-AUTH-AC(5)