> >> Yesterday I installed pam_shield and followed the testing suggested and > >> thought all was well. > >> today I find that I cannot get to my email account, I can login via ssh okay > >> (uses keys) but su and sudo give > >> segmentation faults. I am guessing due to the pam module causing a problem. > >> As I cannot do remote login as root and sudo and su use pam I appear to have > >> locked myself out. > >> > > > > I have not encountered this issue. And I have been using it on 32bit and > > 64bit machines with RHEL4 and RHEL5. I guess it must be related to a > > configuration issue somewhere. Not good though. > > > > Was this with the 0.9.2 release, or the 0.9.3 release ? > > > > Please provide this information to the author, he might help you find the > > cause and fix it in pam_shield. > > > > Thanks for reporting, > > > Update - running 0.9.2 release on both a .386 and a .x86_64 system > I think the location of the > auth optional pam_shield.so > line within the /etc/pam.d/ config files is important?? > I had an error on the 64 bit machine thus it was not running - I have > now fixed and after looking at the response from S.Tindall I have moved > the line to the location as shown in /etc/pam.d/system-auth-ac: > <snip> > auth required pam_env.so > auth sufficient pam_unix.so nullok try_first_pass > auth requisite pam_succeed_if.so uid >= 500 quiet > auth sufficient pam_krb5.so use_first_pass > auth optional pam_shield.so > auth required pam_deny.so > <snip> > Lets see if this works. I've tried that too and it was a good suggestion as su now crashes only if you enter a wrong password. I've also tried to rebuild rpmforge srpm with no luck. Could you really make this thing work? I mean did it actually block anything after a series of failed logins? Sasha