[Freeipa-users] Host Based Access Control and Solaris?
JR Aquino
JR.Aquino at citrix.com
Wed Jan 4 14:29:54 UTC 2012
On Jan 4, 2012, at 2:39 AM, "Craig T" <freeipa at noboost.org> wrote:
> Hi,
>
> Server: RHEL6.2
> Spec: ipa-server-2.1.3-9
>
> 1) After reading the IPA documentation, it seems that HBAC is only available to SSSD clients. This would suggest that I'm not going to be able to configure it for Solaris hosts?
> "Using host-based access control requires SSSD to be installed and configured on the IPA client
> machine."
I have written a custom python Pam module that fully supports HBAC in Linux, however, it utilizes http://ace-host.stuart.id.au/russell/files/pam_python/. Which is currently not OpenPAM compatible. I've been seeking help to find someone to port it to OpenPAM since that is what the BSD's, Solaris, and MacOSX use, but I haven't had any luck so far.
>
> 2) Does this mean that I won't be able to control "who" can log onto our solaris servers? Perhaps I'll have to configure a custom /etc/hosts.deny entry?
>
> cya
>
> Craig
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
More information about the Freeipa-users
mailing list