This looks like a bug. Try ending the file with a '# comment\n'. (I've just been browsing the source and this may work around the problem...) Could you file a bug report here: http://sourceforge.net/tracker/?group_id=6663&atid=106663 Could you either attach your problematic conf file (and your pam.d/login file) there, or mail them to me directly..? Thanks Andrew Todd Pytel wrote: > > Hi all, > > Having some problems getting pam_group.so to assign extra groups for > console logins. Here's my /etc/security/group.conf: > > login ; vc/* ; tppytel ; Al0000-2400 ; floppy > > I've tried just a * instead of vc/*, since I wasn't sure if devfs was > confusing things. Also tried a * in the user and service fields. In my > /etc/pam.d/login file, the pam_group line is > > auth > optional pam_group.so > > Sorry I don't have the rest of the login file - I'm in Windows at the > moment - but it's pretty basic stuff. Just the usual pam_unix checks > along with lastlog and a securetty check. > > Now, no matter how I configure things, no extra group privileges are > granted and all I get is a line in syslog: > > [time] pam_group.so [pid]: not opened > > I changed the control in login from optional to requisite, hoping to get > more information, but nothing changed AND the login was still > successful. Anybody know what's going on here? > > This is using Linux-PAM-0.76 compiled and fitted into a Slackware 8.1 > system with a rebuilt Shadow-4.0.3. Other PAM features (cracklib > checking, motd) and services work just fine, so I don't think I screwed > up the installation. I'd rather not use pam_console, since I'd have to > dig it out of an rpm, and the most recent version appears to be for .75, > which means I'd have to recompile everything again. > > Thanks, > Todd > > _______________________________________________ > > Pam-list@redhat.com > https://listman.redhat.com/mailman/listinfo/pam-list
