[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM> passwd: User not known to the underlying authenticationmodule



On Mon, 28 Aug 2000, Matthew Copeland wrote:

>   I am working with a pared down redhat installation, and I am
> attempting to get PAM working again, but I can't seem to find what I am
> missing.  I currently have /etc/pam.d/ configured with the following.
> 
> /etc/pam.d
> other
> system-auth
> 
> 
> /etc/pam.d/other
> auth	required	pam_unix_auth.so
> account	required	pam_unix_acct.so
> password required	pam_unix_passwd.so
> session	required	pam_unix_session.so
For security reasons your pam.d/other should look like:
#%PAM-1.0
auth     required       /lib/security/pam_deny.so
account  required       /lib/security/pam_deny.so
password required       /lib/security/pam_deny.so
session  required       /lib/security/pam_deny.so

system-auth is fine but probably isn't used by anything unless you are
using pam_stack...

> /etc/pam.d/system-auth
> #%PAM-1.0
> # This file is auto-generated.
> # User changes will be destroyed the next time authconfig is run.
> auth        sufficient    /lib/security/pam_unix.so likeauth nullok md5
> shadow
> auth        required      /lib/security/pam_deny.so
> account     sufficient    /lib/security/pam_unix.so
> account     required      /lib/security/pam_deny.so
> password    required      /lib/security/pam_cracklib.so retry=3
> password    sufficient    /lib/security/pam_unix.so nullok use_authtok
> md5 shadow
> password    required      /lib/security/pam_deny.so
> session     required      /lib/security/pam_unix.so
> 
> 
> This will work fine, but as soon as I add passwd to /etc/pam.d with the
> contents below I can't get passwd to work.  It gives me the error
> "passwd: User not known to the underlying authentication module".  Most
> of the other PAM services die when I add there respective services also.

That's probably because you were using a misconfigured other file...
 
> 
> /etc/pam.d/passwd
> #%PAM-1.0
> auth       required	pam_pwdb.so shadow nullok
> account    required	pam_pwdb.so
> password   required	pam_cracklib.so retry=3
> password   required	pam_pwdb.so use_authtok nullok md5 shadow
> 
> 
> I've copied all the files from /lib/security, /etc/security, and
> /lib/libpam* over to the new system.  Any suggestions?  If you need more
> information about something in particular, feel free to ask.

Copy the files from /etc/pam.d/login sshd ftp or whatever services you use
over to the new box.  (or reinstall the rpm).  Verify your passwd and
shadow files exist and are not corrupt.

 > 
> Matthew M. Copeland
> Software Engineer
> Honeywell
> matthew.copeland@honeywell.com
> 
> 
> 
> _______________________________________________
> Pam-list mailing list
> Pam-list@redhat.com
> https://listman.redhat.com/mailman/listinfo/pam-list
> 

----------------
Running on Linux 2.4
Michael A. Dietz
mad099@dietznet.net





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []