On Wednesday 07 July 2004 15:32, Faehl, Chris wrote: > I'm not sure how PAM works (eg, if it can't find a specific instance in > pam.d for a given program, fall through and use system-auth), IIRC it doesn't - you should find a file called /etc/pam.d/other which is used for apps calling pam whioch don't have their own config file. system-auth is used for centralised checking, and is usually referenced in other files using the pam_stack library for particular test types. > but if it > does work as parenthetically indicated, then the original problem is > that RedHat does ship /etc/pam.d/sshd. If that theory holds, removing > /etc/pam.d/sshd should make system-auth consulted. > I've just verified > that this is not what occurs: if /etc/pam.d/sshd does not exist - ya > don't get in (eg, system-auth isn't consulted). this is why: /etc/pam.d/other #%PAM-1.0 auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_deny.so password required /lib/security/$ISA/pam_deny.so session required /lib/security/$ISA/pam_deny.so i.e Go Away. HTH Stuart -- Stuart Sears RHCE, RHCX -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
