Re: pam_unix nonexistent user vs. invalid password

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On St, 2016-02-17 at 13:53 +0100, Matus UHLAR - fantomas wrote:
can I differ between nonexistent user and invalid password in
pam.conf?

I want invalid user to be left for next authentication module, but
invalid
password to be rejected, so other people can not override password I
set for
local users.

I currently have:

auth    [success=2 default=ignore]      pam_unix.so nullok_secure

I have tried to add "auth_err=die" but that caused remot logins to be
refused too...

On 17.02.16 14:28, Tomas Mraz wrote:
Unfortunately that does not work. You can use pam_localuser before
pam_unix and jump over it for non-local users.

I don't want to jump over pam_unix for non-local users.
I guess jumping over pam_winbind for local users would do that.
Is that possible?

--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Quantum mechanics: The dreams stuff is made of.
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list




[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux