On Wed, Apr 09, 2003 at 04:49:37PM -0400, John M. Taylor Jr. wrote: > Yet when I try to rlogin to the host with these settings, I get the > following in the /var/log/messages file: > Apr 9 16:15:38 hostfoo rlogind[15198]: PAM authentication failed for > in.rlogind > Apr 9 16:15:43 hostfoo login(pam_unix)[15199]: session opened for user > johnt by (uid=0) > Apr 9 16:15:43 hostfoo login -- johnt[15199]: LOGIN ON pts/11 BY johnt > FROM hostbar This shows that pam_unix was invoked with a service name of 'login', not 'rlogin'. Thinking back to the last time I used rlogin (long ago), this seems correct: if rlogin itself fails, it will try to spawn a normal login process. So while I have to smile at the suggestion that "pam_stack is considered harmful" (it's had other issues over the years, and I'm not sure if they've been resolved or not), that doesn't seem to have much bearing on the current behavior you're seeing. > My question: Does anyone know why pam_stack discards the previous > results of the stack in favor of its own stack? Is this a bug or a feature? You're ascribing powers to pam_stack that it does not possess. pam_stack is just a module, and last I knew, Red Hat hadn't modified libpam to give it special treatment. -- Steve Langasek postmodern programmer
Attachment:
pgp00079.pgp
Description: PGP signature
