--6sX45UoQRIJXqkqR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Aug 30, 2002 at 01:50:45PM -0500, Hakanson, David J. wrote: > I am trying to set up a radius server (GNU radius) using PAM (krb5) > for authentication. I am having problems doing radius auths since the > account part fails. My pam file looks like: > auth sufficient /lib/security/pam_krb5.so use_authtok > auth required /lib/security/pam_deny.so > account required /lib/security/pam_permit.so > session required /lib/security/pam_permit.so > When I do a radius auth the authentication goes through without a > problem but then denies me with the error: "pam_krb5: unable to > determine uid/gid for user" and then "pam_krb5: authentication fails for > user". Is there any way that I can completely bypass the account/session > portion of PAM? Since all I am doing is using PAM for authentication and > not authorization I don't need the uid/gid information at all. Use a pam_krb5 module that doesn't look for uids during authentication.=20 I think the pam_krb5 module in CVS at http://www.sourceforge.net/projects/p= am qualifies. Steve Langasek postmodern programmer --6sX45UoQRIJXqkqR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD4DBQE9b8JsKN6ufymYLloRAk3oAJddJwhfS3aPn7zODd82ypBo9AiJAJ9L3u3d 68FXeE9CwhCYXK9ZWh1g0g== =Q6qw -----END PGP SIGNATURE----- --6sX45UoQRIJXqkqR--
