[Linux-cluster] /etc/pam.d/su with ldap

Anthony admin.cluster at gmail.com
Mon May 29 14:41:49 UTC 2006

Hi, i have modified my /etc/su file so that it integrates Ldap,

i got a small problem, whenever the root user do a
$su - username1

it asks me a passwor, i hit 'enter' then i get the prompt;

what is wrong with my su confg file ?

# cat /etc/redhat-release
Red Hat Enterprise Linux AS release 4 (Nahant Update 2)

# uname -a
Linux cluster2 2.6.9-22.0.1.ELsmp #1 SMP Tue Oct 18 18:39:02 EDT 2005
x86_64 x86_64 x86_64 GNU/Linux

# cat /etc/pam.d/su
#pam_ldap Added by me
auth       sufficient   pam_ldap.so
account    sufficient   pam_ldap.so
password   sufficient   pam_ldap.so

auth       sufficient   /lib/security/$ISA/pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel"
#auth       sufficient   /lib/security/$ISA/pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth       required     /lib/security/$ISA/pam_wheel.so use_uid
auth       required     /lib/security/$ISA/pam_stack.so service=system-auth
account    required     /lib/security/$ISA/pam_stack.so service=system-auth
#added try_first_pass
password   required     /lib/security/$ISA/pam_stack.so
service=system-auth try_first_pass
# pam_selinux.so close must be first session rule
session    required     /lib/security/$ISA/pam_selinux.so close
session    required     /lib/security/$ISA/pam_stack.so service=system-auth
# pam_selinux.so open and pam_xauth must be last two session rules
session    required     /lib/security/$ISA/pam_selinux.so open multiple
session    optional     /lib/security/$ISA/pam_xauth.so

More information about the Linux-cluster mailing list