[Patch] Log message if getspnam() fails
Thorsten Kukuk
kukuk at suse.de
Sat Aug 15 12:16:11 UTC 2009
On Sat, Aug 15, Matthew W. S. Bell wrote:
> Hi,
> This patch logs a message if getspnam() fails which, notably, happens if
> the PAM using process does not have permissions to read /etc/shadow. As
> such, this message serves debugging and security notification purposes.
You are under the assumption that there has to be a shadow entry
if this function is called. But this is not that case. For example,
if you are using NIS, it is most likely that there is no entry.
Which would mean, that the log file would get flooded with this
message.
Thorsten
--
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Markus Rex, HRB 16746 (AG Nuernberg)
More information about the Pam-list
mailing list