very nasty bug in pam_succeed_if
Andre Brouty
Andre.Brouty at enst-bretagne.fr
Thu Jun 10 16:29:48 UTC 2004
Paul Raines a écrit le 10.06.2004 16:06:
> I have a mix of various RedHat and Fedora Systems in our network
> where we still use NIS. In nsswitch.conf, we use 'compat' mode
> for passwd, shadow, group.
>
> After doing two clean FC2 installs I noticed that any user with
> over 8 groups could not login. Doing a 'su - user' as one of these
> users would segfault. If I removed compat mode from nsswitch.conf,
> the problem would go away.
>
> However, on a FC2 test 3 box that I update to FC2 final, I did
> not have this problem. This helped me track the problem down to
> the pam_succeed_if line in /etc/pam.d/system-auth which did not
> exist on the upgraded box (why the update did not put this in
> I do not know). Removing the line from system-auth on the two
> clean install boxes fixed the problem.
>
> What exactly is the reasoning behind the pam_succeed_if line being
> added to system-auth anyway?
>
I have same problem, unable to connect in nis "compat" mode.
See my post "Is nis compatibility mode working in FC2 ?".
I am a member in 8 groups. This solves my problem.
Thanks a lot.
--
André
More information about the fedora-list
mailing list