On Wed, May 22, Thomas Glanzmann wrote: > Hi out there, > I have a NIS Server serving a Password Database with entries like that: > > sithglan:##sithglan:31401:30003:Thomas Glanzmann, CIP Admin:/home/cip/adm/sithglan:/local/login/bin/env-csh > > This NIS Server also serves a map named passwd.adjunct.byname to source ports < 1024. > > And I have a pam enabled Linux application named xlock. This xlock application > is able to do the password authentication for a user but why? Caches Linux PAM > allready sucessfully authenticated passwords? Or is there another mechanism? > > If I try the same thing under Solaris the PAM enabled xlock application needs an > root sbit to proceed. Has somebody an idea, how I can get Solaris to the same > thing linux does? So that I don't have to put the xlock application setuid root? You don't tell anything about your PAM configuration, but I think you use a PAM module, which calls an external setuid root helper binary. As far as I know, pam_pwdb and pam_unix.so are doing so. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE Linux AG Deutschherrnstr. 15-19 D-90429 Nuernberg -------------------------------------------------------------------- Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B
