Jason Pyeron wrote: > > Ross S. W. Walker wrote: > > > > Jason Pyeron wrote: > > > > > > but still get: > > > > > > Last login: Tue Apr 15 11:24:57 2008 from xxxxxxxx.myvzw.com > > > Could not chdir to home directory /home/USER: No such file or > > > directory > > > -bash-3.00$ > > > > > > Any ideas? > > > > Well what you have will only cover console logins via the login > > process, not GUI xdm/gdm/kdm or ssh/telnet/ftp/rsh logins. > > > > Try this: > > > > /etc/pam.d/system-auth > > #%PAM-1.0 > > # This file is auto-generated. > > # User changes will be destroyed the next time authconfig is run. > > auth required pam_env.so > > auth optional pam_group.so > > auth sufficient pam_unix.so nullok try_first_pass > > auth requisite pam_succeed_if.so uid >= 500 quiet > > auth sufficient pam_krb5.so use_first_pass > > auth required pam_deny.so > > > > account required pam_unix.so broken_shadow > > account sufficient pam_localuser.so > > account sufficient pam_succeed_if.so uid < 500 quiet > > account [default=bad success=ok user_unknown=ignore] pam_krb5.so > > account required pam_permit.so > > > > password requisite pam_cracklib.so try_first_pass retry=3 > > password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok > > password sufficient pam_krb5.so use_authtok > > password required pam_deny.so > > > > session optional pam_keyinit.so revoke > > session required pam_mkhomedir.so skel=/etc/skel umask=0077 silent > > session required pam_limits.so > > session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid > > session required pam_unix.so > > session optional pam_krb5.so > > > > Of course tailor for your environment. > > > > Defaults are fine for our use. > > > I have tested this config to persist through different authconfig's. > > > > How? It gets blown away here. > Disregard, I must have been thinking of something else, yes authconfig blows these away. It would be nice if authconfig stuck in includes to a separate pam for local configuration to be preserved, or if they used template files for creating the default configuration. If they used templates the python scripts would probably be a lot smaller and less complex and would allow administrators to customize the templates for their environment. Anyways I'm going to put mine in a system-auth-local file and stick in includes and see if that works better in the long run. -Ross ______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.