Problems with pam_nologin.so

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I'm sorry to hit the entire list with this question but after some hours research I'm still unable to find a solution to my problem. I need a way to allow certain users (eg the administrators) access to a system even when /etc/nologin is present. The orginal Redhat 5 config read like:
 
  auth       include      system-auth
  account    required     pam_nologin.so
  account    include      system-auth
  ....
 
with system-auth containing 
 
  ...
  account     required      pam_unix.so
  account     sufficient    pam_succeed_if.so uid < 500 quiet
  account     required      pam_permit.so
  ...
 
My modification would be:
 
  #%PAM-1.0
  auth       include      system-auth
  account    include      system-auth
  account    sufficient   pam_listfile.so onerr=fail item=user sense=allow file=/etc/admins
  account    required     pam_nologin.so
  ....
 
Which holes do I open by moving pam_nologin.so to the end of the stack? Are there better ways to reach my goal?
 
thanks for any help 
Michael
 
 
------------------------------------------------------------------------
Michael Hebenstreit                 Senior Cluster Architect
Intel Corporation                   Software and Services Group/DRD
2800 N Center Dr, DP3-307           Tel.:   +1 253 371 3144
WA 98327, DuPont           
UNITED STATES                       E-mail: michael.hebenstreit@xxxxxxxxx

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux