[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: login bug ?



On Thu, 24 Oct 1996, Cristian Gafton wrote:

> On Thu, 24 Oct 1996, Michael K. Johnson wrote:
> 
> > Rather than try to make a general-purpose module that handles this
> > case, I think it makes the most sense to have a pam_nologin module.
> > Anyone disagree?
> 
> Couldn't be easier to play a little with pam_listfile/pam_rootok instead ?

I had sent in patches for pam_listfile to add items such as group & shell,
don't know if they got integrated or not. It might be useful to add an
item 'exists'.
i.e.
login	auth	required	/lib/security/pam_listfile.so item=exists \
file=/etc/nologin sense=deny

The only problem with this is that it will fail for root as well, which is
obviously not what is wanted. Perhaps rootok would be the better place, or
perhaps integrating the securetty, rootok, and /etc/nologin modules into
one would be best - they all perform the same basic purpose.

-- Elliot

A: "Talk about stupidity!"
B: "Who, you?"
A: "No, me!"



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []