read,post,auth=pam
actually makes it authenticate, except after pam auth works i now get
480 Authentication required for command
On Thu, 20 Jul 2000, Stephen Fletcher wrote:
>
> well the nntpcached is deffinately linked to libpam.so except i cant seem
> to get it to authenticate using pam at all.
> I get this in my sylog
>
> sockets.c:461: <- MODE READER
> sockets.c:461: <- AUTHINFO USER meridian
> sockets.c:461: <- AUTHINFO PASS *******
> Unsuccessful AUTHINFO PASS for meridian
>
> Im assuming this is using the default nntpcache authentication
> method. While it is linked to pam it seems I need to do more than just
> setting up the pam.d/nntpcache file to make it use pam.
>
> On Wed, 19 Jul 2000, Julian Assange wrote:
>
> >
> > > Julian
> > > um i cant seem to find that file in b5 tarball, i guess your talking about
> > > the pam README in the pam libs.
> > >
> > > nnconf.cf.in:string pamModuleName "nntpcache"
> > > nntpcache.config:pamModuleName nntpcache
> > >
> > > /etc/pam.d/nntpcache:auth required pam_unix.so
> > >
> > > I am using shadow passwords so i expect this wont work however id expect
> > > it would at least give me back an error and not let me LIST?
> > >
> > > Stephen
> >
> > Someone neglected to list it Makefile.am hense it wasn't included.
> > here it is:
> >
> > [README.pam]
> >
> > Redhat users will need something similar to:
> >
> > nntpcache auth required pam_unix_auth.so
> > nntpcache account required pam_unix_acct.so
> >
> > in their /etc/pam.conf file.
> >
> > Debian users require something similar to
> >
> > auth required pam_unix.so
> > account required pam_unix.so
> > password required pam_unix.so
> > session required pam_unix.so
> >
> > in their /etc/pam.d/nntpcache file (or whatever you've set it to in the nntpcache config file). Since the Debian PAM authentication modules require the requesting application to be root/in group shadow, you have three choices:
> > * tell nntpcache to run as root ("user root" in nntpcache.config),
> > * use the suid pipe authenticator. i.e
> > auth=user/passwd;pipe
> > with default pipe authenticator, "unixauth". See "pipeProgram" in
> > nntpcache.config, for more details.
> > * not use shadowing, and build your own PAM authentication modules
> >
> > PCT. 28/5/00
> >
>
>
>
