[CentOS] Re: nis and new users
Scott Silva
ssilva at sgvwater.com
Tue Apr 15 17:58:24 UTC 2008
on 4-15-2008 10:17 AM Jason Pyeron spake the following:
>
>> -----Original Message-----
>> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
>> Behalf Of Ross S. W. Walker
>> Sent: Tuesday, April 15, 2008 12:16 PM
>> To: CentOS mailing list
>> Subject: RE: [CentOS] nis and new users
>>
>> Well what you have will only cover console logins via the login
>> process, not GUI xdm/gdm/kdm or ssh/telnet/ftp/rsh logins.
>>
>> Try this:
>>
>> /etc/pam.d/system-auth
>> #%PAM-1.0
>> # This file is auto-generated.
>> # User changes will be destroyed the next time authconfig is run.
>> auth required pam_env.so
>> auth optional pam_group.so
>> auth sufficient pam_unix.so nullok try_first_pass
>> auth requisite pam_succeed_if.so uid >= 500 quiet
>> auth sufficient pam_krb5.so use_first_pass
>> auth required pam_deny.so
>>
>> account required pam_unix.so broken_shadow
>> account sufficient pam_localuser.so
>> account sufficient pam_succeed_if.so uid < 500 quiet
>> account [default=bad success=ok user_unknown=ignore] pam_krb5.so
>> account required pam_permit.so
>>
>> password requisite pam_cracklib.so try_first_pass retry=3
>> password sufficient pam_unix.so md5 shadow nullok try_first_pass
>> use_authtok
>> password sufficient pam_krb5.so use_authtok
>> password required pam_deny.so
>>
>> session optional pam_keyinit.so revoke
>> session required pam_mkhomedir.so skel=/etc/skel umask=0077
>> silent
>> session required pam_limits.so
>> session [success=1 default=ignore] pam_succeed_if.so service in crond
>> quiet use_uid
>> session required pam_unix.so
>> session optional pam_krb5.so
>>
>
> Hmm, it worked for su -l but not ssh logins ....
>
>
> Making progress.
Do you have ssh set to use pam?
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20080415/648095d3/attachment.sig>
More information about the CentOS
mailing list