16 Jan 2011 10:20
UM
Jens Kasten <igraltist <at> rsbac.org>
2011-01-16 09:20:54 GMT
2011-01-16 09:20:54 GMT
Hi list, I am using UM for user authentification. I must set sufficient and not required for categorie auth in /etc/pam.d/system-auth otherwise it does not work. This I see in the log message. Jan 16 10:06:19 jaschtschik su[9778]: pam_authenticate: Authentication failure Jan 16 10:06:19 jaschtschik su[9778]: FAILED su for root by jens Jan 16 10:06:19 jaschtschik su[9778]: - /dev/pts/2 jens:root Latest rsbac-admin-tools 1.4.5 and kernel 2.6.35.10 from git. /etc/pamd.d/system-auth: auth required pam_env.so auth sufficient pam_rsbac.so #auth required pam_rsbac.so try_first_pass likeauth nullok auth required pam_deny.so account required pam_rsbac.so account optional pam_permit.so password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 try_first_pass retry=3 password required pam_rsbac.so password required pam_deny.so session required pam_limits.so session required pam_env.so session required pam_rsbac.so session optional pam_permit.so /etc/nsswitch.conf: passwd: rsbac shadow: rsbac group: rsbac kernel-configuration for um: CONFIG_RSBAC_UM=y CONFIG_RSBAC_UM_DIGEST=y CONFIG_RSBAC_UM_USER_MIN=2000 CONFIG_RSBAC_UM_GROUP_MIN=2000 CONFIG_RSBAC_UM_EXCL=y CONFIG_RSBAC_UM_MIN_PASS_LEN=6 CONFIG_RSBAC_UM_NON_ALPHA=y CONFIG_RSBAC_UM_PWHISTORY=y CONFIG_RSBAC_UM_PWHISTORY_MAX=8 CONFIG_RSBAC_UM_ONETIME=y CONFIG_RSBAC_UM_ONETIME_MAX=100 CONFIG_RSBAC_UM_VIRTUAL=y CONFIG_RSBAC_UM_VIRTUAL_ISOLATE=y CONFIG_RSBAC_AUTH_UM_PROT=y CONFIG_RSBAC_ACL_UM_PROT=y CONFIG_RSBAC_FF_UM_PROT=y GrĂ¼sse Jens _______________________________________________ rsbac mailing list rsbac <at> rsbac.org http://www.rsbac.org/mailman/listinfo/rsbac
RSS Feed