[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

PAM + pam_smb + login.c.diff



I am trying to get login (login) to use pam_smb.  I have 3 boxes, 2 RedHat
5.2 and one 6.0 (kernel 2.2.10, 2.2.1, 2.2.5).
I know that I should probably update all of them to RedHat 6.0, and kernel
2.2.10, but I don't want to bring down any
of them right now.

Logging in works on all three boxes except for the fact that there is a bug
in /bin/login, that in conjunction with pam_smb,
if it cannot resolve the IP of the client that it causes a segfault and
drops the connection.

Since I might have users coming in from different unknown locations, I won't
always be able to have the IP resolve.

So, I applied login.c.diff found at http://www.csn.ul.ie/~airlied/pam_smb/
to the correct versions (RedHat 5.2 and 6.0)
of utils-linux (util-linux-2.8-11.src.rpm and util-linux-2.9o-13.src.rpm
respectively).

The RedHat 6.0 box still works fine, but the 5.2 boxes no longer let you
login when the authentication is to from
pam_smb_auth.so (it still works when there is an entry in /etc/passwd).

The interesting thing is that my ultimate goal is only allowing ssh
connection, and on both the 5.2 and 6.0 boxes ssh using
pam_smb works perfectly.

Thanks for any help, below you will find my /etc/pam.d files.

Kenn Herman

5.2 boxes
login:
#%PAM-1.0
auth       required     /lib/security/pam_securetty.so
auth       required     /lib/security/pam_smb_auth.so
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
session    required     /lib/security/pam_pwdb.so

ssh:
#%PAM-1.0
auth       required     /lib/security/pam_smb_auth.so
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
session    required     /lib/security/pam_pwdb.so

6.0 box
login
#%PAM-1.0
auth       required     /lib/security/pam_securetty.so
auth       required     /lib/security/pam_smb_auth.so
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so nullok use_authtok md5
shadow
session    required     /lib/security/pam_pwdb.so
session    optional     /lib/security/pam_console.so

ssh
#%PAM-1.0
auth       required     /lib/security/pam_smb_auth.so
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
session    required     /lib/security/pam_pwdb.so





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []