systematic Kerberization
Norman Gaywood
norm at turing.une.edu.au
Wed May 12 05:51:15 UTC 2004
On Wed, 2004-05-12 at 12:44, Matthew Miller wrote:
> On Tue, May 11, 2004 at 08:10:30AM -0600, Stephen Smoogen wrote:
> > The standard way I have seen it implemented on other versions of Linux
> > (here and other large organizations) is that the central authentication
> > is used first in the pam stack and if it fails/isnt available you get
> > authorized against the local password db which if it works lets you in.
>
> "Other versions" including Red Hat Linux up until it suddenly stopped
> working circa version 7.3.
>
> <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=55193>
I just posted this on that bugzilla:
In September 2002 I went to a AUUG conference and listened to a talk
"Polythene PAM ain't what she used to be". This problem was described
then. Nalin is mentioned in the paper.
http://meltin.net/people/martin/publications/polythenepam.pdf
I don't know if the workaround in the paper solves the problem.
--
Norman Gaywood, Systems Administrator
School of Mathematics, Statistics and Computer Science
University of New England, Armidale, NSW 2351, Australia
norm at turing.une.edu.au Phone: +61 (0)2 6773 2412
http://turing.une.edu.au/~norm Fax: +61 (0)2 6773 3312
Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html
More information about the fedora-devel-list
mailing list