Re: PAM-warn; [remote: ?nobody@?nowhere]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



@ 2:18:48 PM on 11/1/01, Solar Designer wrote:

>> First I used AUTH_MAN_USERPASS, but it failed, so I switched it to
                     ^^^
                     Whoops. Too many man pages.

SD> Did you install pam_userpass and stack it for popa3d? If not then
SD> it couldn't have worked.

Ah, OK I learned something new then. I'm not familiar with PAM enough
to know what I'm looking for -- even if it explicitly says, "Talk to
pam_userpass via Linux-PAM binary prompts." :-)

>> Nov  1 14:18:10 cla PAM-warn[15217]: service: popa3d [on terminal: <unknown>]
>> Nov  1 14:18:10 cla PAM-warn[15217]: user: (uid=0) -> foo [remote: ?nobody@?nowhere]

SD> You seem to have pam_warn somewhere in the PAM stack for popa3d.
SD> Why, do you need it?

I guess that would be this?

% egrep -i pam_warn /etc/pam.d/*
/etc/pam.d/other:auth     required      /lib/security/pam_warn.so
/etc/pam.d/other:account  required      /lib/security/pam_warn.so
/etc/pam.d/other:password required      /lib/security/pam_warn.so
/etc/pam.d/other:session  required      /lib/security/pam_warn.so

If that is correct, then I'm also guessing I need to create a file
called popa3d under /etc/pam.d with something like this?

auth       required     /lib/security/pam_unix.so
auth       required     /lib/security/pam_unix.so shadow use_first_pass
account    required     /lib/security/pam_unix.so

If I'm using md5, does md5 need to be on any of those lines, or is
that only for applications capable of changing a password?

Is it preferred to use AUTH_PAM_USERPASS over regular AUTH_PAM?

In your example for pam_userpass, I see:

auth       required     /lib/security/pam_userpass.so
auth       required     /lib/security/pam_pwdb.so shadow use_first_pass
account    required     /lib/security/pam_pwdb.so

But I don't have pam_pwdb on the system.

(Sorry for all the stupid newbie questions; PAM is confusing -- even
after having read the docs the best I could)

-Brian





[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux