[CentOS] restricting access to an NIS netgroup

Wed Nov 9 18:43:32 UTC 2011
Joe Pruett <joey at q7.com>

On 11/09/2011 05:53 AM, Mike VanHorn wrote:
>> You'll probably need to add a pam_access.so reference to the stock
>> /etc/pam.d/password-auth. Make the first "account" line
>>    account  required  pam_access.so
> My CentOS system doesn't have a stock password-auth file. I tried creating
> one with that line in it, but that didn't work. Also, per some web pages I
> found, I tried putting that line into system-auth, but that didn't work
> either.
i use this line in my /etc/pam.d/sshd file and it works correctly.  i 
don't have other services, so i haven't put it in system-auth (or 
password-auth which is centos 6), but it does seem like it should work 
there as well.  keep in mind that other things may interfere, there is a 
rule in system-auth that allows anyone with uid < 500 in, so that could 
be clouding things for you.