[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [leafnode-list] PAM Support does not work!!!
- To: leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx
- Subject: Re: [leafnode-list] PAM Support does not work!!!
- From: Matthias Andree <matthias.andree@xxxxxx>
- Date: Mon, 29 Mar 2004 00:14:44 +0200
- Delivery-date: Mon, 29 Mar 2004 00:16:00 +0200
- List-id: Discussions on the Leafnode Usenet software package <leafnode-list.dt.e-technik.uni-dortmund.de>
- User-agent: Mutt/18.104.22.168i
Jim Gifford schrieb am 2004-03-28:
> I am using a shadow passwd file.
That's what I thought. :-/
Security issues aside (make sure you don't authenticate outside your
LAN, NNTP passwords are sent in clear), I have double checked the PAM
code and seen no bugs, Hynek's code was and is in good shape AFAICS.
PAM is supposed to use a set-group-id helper program, /sbin/unix2_chkpwd
on my machine, to check the data against /etc/shadow. For some reason,
it doesn't try that but insists on reading /etc/shadow directly, which
must fail because it has not the proper privileges to do so.
If anyone knows the magic dance to perform at moonlight so that PAM uses
the setgid helper, please let me know. URL/pointer suffices.
Encrypt your mail: my GnuPG key ID is 0x052E7D95
leafnode-list mailing list