[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM> passwd: User not known to the underlying authenticationmodule



"Michael A. Dietz" wrote:
> 
> On Mon, 28 Aug 2000, Matthew Copeland wrote:
> 
> >   I am working with a pared down redhat installation, and I am
> > attempting to get PAM working again, but I can't seem to find what I am
> > missing.  I currently have /etc/pam.d/ configured with the following.
> >
> > /etc/pam.d
> > other
> > system-auth
> >
> >
> > /etc/pam.d/other
> > auth  required        pam_unix_auth.so
> > account       required        pam_unix_acct.so
> > password required     pam_unix_passwd.so
> > session       required        pam_unix_session.so
> For security reasons your pam.d/other should look like:
> #%PAM-1.0
> auth     required       /lib/security/pam_deny.so
> account  required       /lib/security/pam_deny.so
> password required       /lib/security/pam_deny.so
> session  required       /lib/security/pam_deny.so
> 
> system-auth is fine but probably isn't used by anything unless you are
> using pam_stack...
> 
> > /etc/pam.d/system-auth
> > #%PAM-1.0
> > # This file is auto-generated.
> > # User changes will be destroyed the next time authconfig is run.
> > auth        sufficient    /lib/security/pam_unix.so likeauth nullok md5
> > shadow
> > auth        required      /lib/security/pam_deny.so
> > account     sufficient    /lib/security/pam_unix.so
> > account     required      /lib/security/pam_deny.so
> > password    required      /lib/security/pam_cracklib.so retry=3
> > password    sufficient    /lib/security/pam_unix.so nullok use_authtok
> > md5 shadow
> > password    required      /lib/security/pam_deny.so
> > session     required      /lib/security/pam_unix.so
> >
> >
> > This will work fine, but as soon as I add passwd to /etc/pam.d with the
> > contents below I can't get passwd to work.  It gives me the error
> > "passwd: User not known to the underlying authentication module".  Most
> > of the other PAM services die when I add there respective services also.
> 
> That's probably because you were using a misconfigured other file...
> 
> >
> > /etc/pam.d/passwd
> > #%PAM-1.0
> > auth       required   pam_pwdb.so shadow nullok
> > account    required   pam_pwdb.so
> > password   required   pam_cracklib.so retry=3
> > password   required   pam_pwdb.so use_authtok nullok md5 shadow
> >
> >
> > I've copied all the files from /lib/security, /etc/security, and
> > /lib/libpam* over to the new system.  Any suggestions?  If you need more
> > information about something in particular, feel free to ask.
> 
> Copy the files from /etc/pam.d/login sshd ftp or whatever services you use
> over to the new box.  (or reinstall the rpm).  Verify your passwd and
> shadow files exist and are not corrupt.

Actually, this is exactly what I did.  All the files orginally come from
a stock /etc/pam.d/ redhat 6.2 install.  I used the other file
/etc/pam.d/other for the other file when I was trying to get it working
early on without any luck ever getting it working that way.  I changed
it so that I could at least see if I could get it working without that,
which it will.  I went ahead and changed the other file to what you had
just to make sure, but unfortunatly, that doesn't fix the problem.  Any
other ideas?

Matthew M. Copeland





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []