[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM and logon failures if username not correct



Richard Sharpe writes:
>I am having a problem on a RH4.0 system trying to get dial-up working. The
>problem seems to relate to PAM.
>
>Unfortunately, we have PAM 0.50 on the machine, and it is a production
>machine, so I have to tread carefully. Upgrading to RH4.2 or 5.0 is not on
>the cards for a while yet, but upgrading to the latest PAM support may be
>feasible if it does not break too many other things.

The latest PAM will break things; we had to make an incompatible change
in the interface to track a changing standard.  There are also problems
upgrading even to the version of PAM that comes with 4.2 because of
the pamconfig changes; 4.2 moved to /etc/pam.d/ instead of /etc/pam.conf

>1. If a user gets their username wrong, perhaps because they mistyped, they
>are logged out immediately, and the modem drops.

With the latest pam and pam_pwdb.so, that's configurable.  But I don't
think it is with pam_unix; you may have to hack the source yourself.

4.2 is quite stable, definitely more so than 4.0; I recommend that you put
upgrading to 4.2 on the cards ASAP.  It will definitely make it easier for
you to keep up with security updates.

michaelkjohnson

"Magazines all too frequently lead to books and should be regarded by the
 prudent as the heavy petting of literature."            -- Fran Lebowitz
                        http://www.amazon.com/exec/obidos/ISBN=0201308215



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []