[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM_IGNORE flag possibly not accepted/ignored ?





On Wed, Jun 23, 2010 at 10:50 AM, Tomas Mraz <tmraz redhat com> wrote:
>
>   Is there a way for example to turn on debug info in PAM ? From the
> point of view of the module I've verified and it should indeed be
> returning PAM_IGNORE. If that's the case, it seems the line isn't
> really ignore by PAM. The alternative is that something else is
> returned by pam_radius_auth but I have no trace of it.

You can replace pam_radius_auth.so with pam_debug.so auth=ignore - this
way you could see whether the stack works fine when PAM_IGNORE is
returned or not.

  Oh, excellent. I did try this:

------8<-------
auth        required      pam_debug.so auth=ignore
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so debug audit likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so
auth       required     pam_nologin.so
------8<-------

  and could logon with local info.. I'll have another look at the source of than module then..

  Thanks !

  Martin

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]