very nasty bug in pam_succeed_if
Paul Raines
raines at nmr.mgh.harvard.edu
Thu Jun 10 18:30:17 UTC 2004
On Thu, 10 Jun 2004, Matthew Miller wrote:
> On Thu, Jun 10, 2004 at 11:19:42AM -0400, Paul Raines wrote:
> > So the pam_succeed_if line in system-auth is really only needed if
> > you use LDAP (which I don't)?
>
> Yeah, or some other network auth protocol -- the problem before was that
> when remote account info wasn't available (network down, for example), it
> wasn't letting *local* accounts in -- even root.
>
I just pulled the network cable on my box and tried to login in as root.
It took a long time for NIS to timeout, but still succeeded. So I think
it something about the pam_unix call to the ldap API that not right.
More information about the fedora-list
mailing list