Re: RADIUS-only login using PAM/Linux seems to require entry in /etc/passwd

On Wed, 12 Feb 2003, JC Ferguson wrote:

> I have a Linux box that I want to use RADIUS as the ONLY authentication
> method.  I.e., I do not want to allow std unix login.  I am using a
> pam-enabled telnetd started from inetd on Debian Linux with the
> pam_radius module.
> 
> The pam radius module gets called, I pass it the credentials, and it
> authenticates me.  However, I never get a shell, rather, the connection
> is closed by telnetd.
> 
> I have traced this to where the login program starts the shell (not
> using gdb, mind you, some of this is speculation):
> 
>    shell (pwent.pw_shell, (char *) 0); /* exec the shell finally. */

If you want a shell you need a valid uid. Without such you have no system 
privileges at all.

Do you really need *every* user to have shell access?

What is your aversion to having an entry in a valid getpw data source?

Jason Clifford
-- 
UKFSN.ORG		Finance Free Software while you surf the 'net
http://www.ukfsn.org/			Sign Up Now



_______________________________________________

Pam-list@redhat.com
https://listman.redhat.com/mailman/listinfo/pam-list
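
The distinction drawn in the reply, as an added example that is not part of the original thread and is not code from login, telnetd or pam_radius: PAM only answers whether the credentials are good, while the uid, gid and shell still have to come from a getpw data source. The names `lookup_account` and `struct account` are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>

/* Hypothetical helper (assumed names, not from login or pam_radius): the
 * account lookup a login program still performs after PAM authentication
 * succeeded. Returns 0 if found, 1 if no getpw source knows the name,
 * -1 on lookup error. */
struct account { uid_t uid; gid_t gid; char shell[256]; };

int lookup_account(const char *user, struct account *out)
{
    struct passwd pw, *res = NULL;
    size_t len = 1024;
    char *buf = NULL;
    int rc;

    do {                                  /* retry with a larger buffer on ERANGE */
        char *tmp = realloc(buf, len);
        if (tmp == NULL) { free(buf); return -1; }
        buf = tmp;
        rc = getpwnam_r(user, &pw, buf, len, &res);
        len *= 2;
    } while (rc == ERANGE && len <= (1u << 20));

    if (res == NULL) {                    /* rc == 0 means "no such user" */
        free(buf);
        return rc == 0 ? 1 : -1;
    }
    out->uid = pw.pw_uid;
    out->gid = pw.pw_gid;
    snprintf(out->shell, sizeof out->shell, "%s", pw.pw_shell ? pw.pw_shell : "");
    free(buf);
    return 0;
}

int main(int argc, char **argv)
{
    struct account a;
    const char *user = argc > 1 ? argv[1] : "root";
    if (lookup_account(user, &a) != 0) {
        printf("%s: no getpw entry, so no uid or shell for a session\n", user);
        return 1;
    }
    printf("%s: uid=%ld gid=%ld shell=%s\n", user, (long)a.uid, (long)a.gid, a.shell);
    return 0;
}
```

Because `getpwnam_r` goes through NSS, the entry does not have to live in /etc/passwd itself; any configured getpw source that returns the user satisfies the lookup.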
