> Unfortunately, > however, our workstations running xscreensaver have SNARE reporting that > the (non-root) logged-in user unsuccessfully attempts to touch the > /etc/shadow file, with timestamps that correspond to the exact times that > the user unlocks the window via xscreensaver. Sound logical to me : xscreensaver needs to verify the user's password, let's PAM handle that, and PAM needs to open /etc/shadow to verify the actual hashes. > I have narrowed it down to PAM (I think), as I've recompiled xscreensaver > with absolutely no passwd references; only the PAM libraries compiled in, > and the problem still presents itself. Does anyone know if PAM is making > this call at some point, and if so, what is the reason behind it? Is PAM > just doing a sanity permission check on the shadow file? It's probably opening it. Igmar _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
