Re: Password Strength and Aging checking w/NIS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 22 Apr 2005, Ted Beaton wrote:

> 
> 
> Jan Rekorajski wrote:
> >On Fri, 22 Apr 2005, Ted Beaton wrote:
> >
> >
> >>Does anyone know how to get NIS to use pam for password strength 
> >>checking and password aging?  All I've been able to get it to do is use 
> >>pam for authentication/login.
> >
> >
> >There is a 'nis' option to pam_unix.so, so you can just use pam on
> >clients as usual, just tell pam_unix in password section to do the
> >change via NIS.
> >
> >Jan
> 
> Are you talking about the following line in the /etc/pam.d/system-auth 
> file?
> 
> <<password sufficient /lib/security/$ISA/pam_unix.so use_authtok md5 
> shadow nis>>
> 
> My testing has shown that all this does is tell the client machine to 
> use the nis files on the nis server for authentication.

Nope. I wrote this code, and all it does is change password via NIS.
Authentication token retrieval and all that is done with nss_nis from glibc :)

> When the user 
> on the client machine runs yppasswd to change their password, pam never 
> even gets involved.

Don't use yppasswd, use normal passwd program. It will use YP call's
(via PAM) to change the password if 'nis' option is present.

Jan
-- 
Jan Rękorajski            |  ALL SUSPECTS ARE GUILTY. PERIOD!
baggins<at>mimuw.edu.pl   |  OTHERWISE THEY WOULDN'T BE SUSPECTS, WOULD THEY?
BOFH, MANIAC              |                   -- TROOPS by Kevin Rubio

_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux