I guess I was now able to locate the issue.
It looks like the read_field function doesn't like # comment lines.
As soon as I removed any comment from the file (like below) and only
have the two elementary lines, the warning message disappears:
# ######################################################################
# --- This file is under control of central configuration management ---
#
# For further informations see https:...
# ######################################################################
# the syntax of the lines is as follows:
#
# services;ttys;users;times;groups
#
*; *; unki; Al0000-2400; adm
*; *; lefant; Al0000-2400; adm
#
# End of group.conf file
#
Andreas
Quoting Andreas Unterkircher <unki@xxxxxxxxxxxx>:
Hello,
We are using pam_group.so to dynamically add our LDAP-based
admin accounts to the "adm" group to be able to read syslog
files without sudo under Debian.
Basically it works perfectly - the only issue we have is that
the syslog is now filled up with lines like:
pam_group[11483]: /etc/security/group.conf; no tty entry #1
pam_group[29319]: couldn't get the tty name
Our /etc/security/group.conf contains two lines:
*; *; admin1; Al0000-2400; adm
*; *; admin2; Al0000-2400; adm
What I can read from the example comments a wildcard is
supported in the tty-column. But as far as I be able to read
from the source the error is generated because * is not a
vaild shell according /etc/securetty. Basically we only need
it for ssh - but tty* or pts* is not working.
What is the point in still showing up this log message on a
wildcard match?
Regards,
Andreas
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
