[CentOS] Centos 5 pam system-auth changes?
Les Mikesell
lesmikesell at gmail.comThu Sep 6 18:58:02 UTC 2007
- Previous message: [CentOS] Server crashes...
- Next message: [CentOS] CentOSPlus Perl Upgrade
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Can someone explain the changes in the system PAM setup for Centos5 vs. earlier verions? I have servers configured to use SMB authentication against a Windows domain controller so I don't have to deal with separate passwords. That still works the same for users that actually have local accounts. However, on some machines I also build the mod_auth_pam module for apache and use an /etc/pam.d/httpd file like: #%PAM-1.0 auth required pam_stack.so service=system-auth account required pam_permit.so The 'account' line is supposed to let anyone in, even if they don't have any local account info so everyone with a domain login/password can access the password protected web pages. On Centos5, apache authentication with mod_auth_pam still requires a local account. I think this entry in /etc/pam.d/system-auth may be the problem: auth requisite pam_succeed_if.so uid >= 500 quiet Does that mean pam is going to fail if it can't find account info during the auth phase? How can I make apache use all the system-auth ways to check a password without necessarily needing a local account? (If someone does have a local account with a local password, I want that to work too). -- Les Mikesell lesmikesell at gmail.com
- Previous message: [CentOS] Server crashes...
- Next message: [CentOS] CentOSPlus Perl Upgrade
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list