Re: (RH8) pam_stack considered harmful

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Apr 09, 2003 at 04:49:37PM -0400, John M. Taylor Jr. wrote:

> Yet when I try to rlogin to the host with these settings, I get the 
> following in the /var/log/messages file:

> Apr  9 16:15:38 hostfoo rlogind[15198]: PAM authentication failed for 
> in.rlogind
> Apr  9 16:15:43 hostfoo login(pam_unix)[15199]: session opened for user 
> johnt by (uid=0)
> Apr  9 16:15:43 hostfoo login -- johnt[15199]: LOGIN ON pts/11 BY johnt 
> FROM hostbar

This shows that pam_unix was invoked with a service name of 'login', not
'rlogin'.  Thinking back to the last time I used rlogin (long ago), this
seems correct: if rlogin itself fails, it will try to spawn a normal
login process.

So while I have to smile at the suggestion that "pam_stack is considered
harmful" (it's had other issues over the years, and I'm not sure if
they've been resolved or not), that doesn't seem to have much bearing on
the current behavior you're seeing.

> My question: Does anyone know why pam_stack discards the previous 
> results of the stack in favor of its own stack? Is this a bug or a feature?

You're ascribing powers to pam_stack that it does not possess.  pam_stack
is just a module, and last I knew, Red Hat hadn't modified libpam to
give it special treatment.

-- 
Steve Langasek
postmodern programmer

Attachment: pgp00079.pgp
Description: PGP signature


[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux