On Mon, 6 Feb 2006, Tomas Mraz wrote:
> -------- Forwarded Message --------
> From: Carlos M.S. <cmorales@xxxxxxxx>
> To: tmraz@xxxxxxxxxx
> Subject: PAM list failure?? Please, help me
> Date: Sun, 05 Feb 2006 00:18:02 +0000
>
> Hello, my name is Carlos and I suscribed to Pluggable Authentication
> Modules <pam-list@xxxxxxxxxx> three days ago, but it doesn't accept my
> messages...
>
> Here are my doubts. Could you post them? Please, I've tried to do it 2
> or 3 times but without success:
>
> --------------DOUBT 1:
> Hello, I've made the following changes in my login configuration:
>
> /etc/pam.d/login
> account required pam_time.so
>
> /etc/security/time.conf
> login;*;alumno1|alumno2;!Al1430-0830
>
> But it doesn't work...
>
... since matching patterns must be separated from logic operations and from
each other with spaces (take a careful look at time.conf sample located in the
source directory for pam_time.so).
> -------------DOUBT 2:
> Please, Could you tell me which is the most secure option? required or
> requisite? It seems to be required, isn't it?
>
It isn't, since when requisite module fails, control is immediately returned to
application, contrary to required module, whose failure won't be apparent to
application until all modules in the stack are polled (look at doc/txts/pam.txt
in PAM source directory).
--
Sincerely Your, Dan.
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
