AW: AW: Pam configuration files
Ethan Benson
erbenson at alaska.net
Fri Apr 16 02:51:48 UTC 2004
On Thu, Apr 15, 2004 at 11:29:14AM +0200, Debian-User wrote:
> Gary,
>
> I'm afraid that this doesn't work in every case (at least not at our
> servers). I was testing exactly that configuration you described and
> noticed two things:
>
> 1) the original sshd-file is called "sshd" (in /usr/sbin), while the
> original PAM-file (in /etc/pam.d) is called "ssh" (without a "d"),
> indicating that ssh IS NOT deriving the pam service name from argv[0]
> (now I remember again why I didn't try that in the first place ...)
debian explicity defines the service name at build time, with
-DPAM_SERVICE_NAME="ssh" (or so).
> 2) as a consequence my "derived" copy of sshd (/usr/sbin/gatewaysshd in
> this case) still uses /etc/pam.d/ssh anyway (therefore simply ignoring
> the name change and the contents in /etc/pam.d/gatewaysshd) - I checked
> this by making changes to /etc/pam.d/ssh which took effect upon
> restarting /usr/sbin/gatewaysshd (quite not what I wanted ...)
yup
> btw, my ssh-Version is: SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3
>
> Do you have ANY idea what to try next???
probably the only way to change the service name is to recompile ssh
in your case.
--
Ethan Benson
http://www.alaska.net/~erbenson/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pam-list/attachments/20040415/cfae8d65/attachment.sig>
More information about the Pam-list
mailing list