On Tue, 2005-06-28 at 10:48 -0700, Steven Bush wrote: > We use pam_authenticate to authenticate users logging into our software > product. On most systems, this has worked splendidly, however on one > customer's installation, authentication only succeeds if the process > calling pam_authenticate is running as root or else if the username being > authenticated is the same as the process' UID. > (Authentication Configuration): > Use Shadow Passwords: *YES* > Use MD5 Passwords: *YES* > Use LDAP Authentication: no > Use Kerberos 5: no > Use SMB Authentication: no > > Any thoughts? Any suggestions where to look? I'm assuming it's some sort > of file permission issue, but I can't figure out what it might be. This is easy - you're using shadow passwords so you cannot authenticate other users if the pam authentication doesn't run as root. The solution is to either not use shadow passwords or to use some other kind of authentication (LDAP, Kerberos5). -- Tomas Mraz <tmraz@xxxxxxxxxx> _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
