[Freeipa-users] FreeIPA manual PAM setup help
小龙 陈
chillermillerlong at hotmail.com
Fri Nov 30 01:55:57 UTC 2012
> Date: Thu, 29 Nov 2012 20:30:01 +0100
> From: jhrozek at redhat.com
> To: freeipa-users at redhat.com
> Subject: Re: [Freeipa-users] FreeIPA manual PAM setup help
>
> On Thu, Nov 29, 2012 at 01:56:24PM -0500, 小龙 陈 wrote:
> > I didn't know that ipa-server is now working in Ubuntu. That's really great news!
> >
> > Best regards,
> > Xiao-Long Chen
> >
>
> I could be wrong, but I don't think the IPA server is working in
> Ubuntu..I know the client bits are and there was an effort to package
> the server as well, but I don't think it's finished yet.
>
> Timo would know better, though..
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
And PAM is working!
I've just finished a helper for setting up NSS and PAM for sssd. It
basically does the following:
1. Looks for 'passwd', 'shadow', 'group', 'services', 'netgroup', and 'automount'
in /etc/nsswitch.conf and adds 'sss' to it.
2. Looks for pam_unix.so in every file in /etc/pam.d/, changes 'required'
to 'sufficient', and adds an 'include' line for 'sss' right below itq. /etc/pam.d/sss
contains the pam_sss.so lines.
So far, I've tested sudo and su, and both are working :)
Here's a link to the script: https://github.com/chenxiaolong/ArchLinux-Packages/blob/master/freeipa/sss-auth-setup.py
If someone is bored, I'd appreciate it if he/she would take a look at it
for glaring issues.
Best regards,
Xiao-Long Chen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20121129/a911f547/attachment.htm>
More information about the Freeipa-users
mailing list