[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: very nasty bug in pam_succeed_if

Paul Raines a écrit le 10.06.2004 16:06:
I have a mix of various RedHat and Fedora Systems in our network
where we still use NIS. In nsswitch.conf, we use 'compat' mode
for passwd, shadow, group.

After doing two clean FC2 installs I noticed that any user with
over 8 groups could not login. Doing a 'su - user' as one of these
users would segfault. If I removed compat mode from nsswitch.conf,
the problem would go away.

However, on a FC2 test 3 box that I update to FC2 final, I did
not have this problem.  This helped me track the problem down to
the pam_succeed_if line in /etc/pam.d/system-auth which did not
exist on the upgraded box (why the update did not put this in
I do not know).  Removing the line from system-auth on the two
clean install boxes fixed the problem.

What exactly is the reasoning behind the pam_succeed_if line being
added to system-auth anyway?

I have same problem, unable to connect in nis "compat" mode. See my post "Is nis compatibility mode working in FC2 ?". I am a member in 8 groups. This solves my problem.

Thanks a lot.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]