I am new to this list, so I hope I have the right list and this question has not been asked before. (I couldn't see anything in the archives...)
I work at a university and use squid to monitor my users downloads. They have a username and password on a novell server, so I use PAM ldap to authenticate against the novell server. I also have a list of users that are over their quota, and use pam listfile to check that list.
Unfortunately, the ldap server is not case sensitive, and listfile is, so if you are over your quota, you only need to switch the case on a char in your username and you can login again.
Does anyone know of any way I can get around this without modifying the code for listfile? I have included the relevant PAM file below. I am running redhat 8.0 and my pam version is 0.75-46.7.3
Thanks
Alison
auth required /lib/security/pam_ldap.so
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/over_quota onerr=succeed
account required /lib/security/pam_ldap.so
-- Alison Smith BSc(Curtin) IT Specialist
School of Electrical and Computer Engineering 207.107a Curtin University Bentley
Phone : +61 8 9266 7962 Email : a.smith@xxxxxxxxxxxxxxxxx
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
