Have you thought about contributing your module to pam.sourceforge.net ?
This way 1. I would only have one place to look, and 2. it could be under sourceforge cvs, so anybody could tinker with it and release the changes back to the world.
Also, have you thought about a simplified version that specifies all the settings on the pam_netgroups.so invocation line, access=@myNetgroup deny=@myBozosNetgroup, so there is only the pam conf file(s) and the yp netgroup file? (and no access file at all)
Thanks for developing this module!
I am currently using pam_listfile, but I will probably be switching to pam_netgroups soon. I have Solaris and Linux86 systems to manage.
best regards,
--johnT
Thomas M. Payerle wrote:
In addition to the listfile module that someone mentioned, I have a PAM module pam_netgroups, available at http://www2.physics.umd.edu/~payerle/Software/PAM/ that can do authorization (account management group) based on assorted types of group membership. It may be overkill for your situation, as the name implies it is mainly for NIS/hesiod netgroups, but it can handle the standard Unix /etc/group also (maptype=unix, which then disables about half of the other options). Tom Payerle Dept of Physics payerle@physics.umd.edu University of Maryland (301) 405-6973 College Park, MD 20742-4111 Fax: (301) 314-9525 _______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
_______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
