Michael wrote: > Two q's from me: > 1) > pam_limits module appears to be out by one for certain authentication > methods -- In particular ssh -- Example, if I set maxlogins for a user > of 1, the user is allowed 2 logins, the third fails. If I set maxlogins > 0, no logins allowed. I assume someone is aware of it?? Indeed, http://sourceforge.net/tracker/index.php?func=detail&aid=493294&group_id=6663&atid=106663 > 2) > I have been playing with a pam_iptables module for PAM see > http://www.itlab.musc.edu/~nathan/authentication_gateway/(Not part of > the main PAM tree). Thanks, I've added a link to this: http://www.kernel.org/pub/linux/libs/pam/modules.html > In playing with this module it occured to me that what the pam_iptables > is much like is a generic "execute something when some pam > authentication takes place" type of module. ie a pam_generic_execv that > reads a config file list of programs to execute when a PAM > authentication takes place. Is there such a module already ? If not > would it be usefull, safe, or just superfluous? I don't believe such a module exists, there is pam_make, but I'm not sure how safe that is. Cheers Andrew
