[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

NIS+ support in PAM and ownpass in wheel


in our university NIS+ is used for long. As there is no NIS+ implementation
in the Debian distribution I decided last year to implement the pam_unix2
(http://www.suse.com/~kukuk) mechanism of Thorsten Kukuk in the Debian 
Pam-0.72 pam_unix module. This patch worked realy fine in cooperation with 
Solaris and was testet on over 50 Linux Computers. This patch was part of 
the collection of unofficial Debain-NIS+ packages maintained by Michael
and was public available for quite a while on
http://www.realbodo.de/debian/ . 
Although this worked fine in practice I kindly invite you to have an eye on

it. I've made a new updated patch on the cvs tree from 6.4.01 but it should

also works well in the new Linux-PAM-0.75 version.
If everything is ok Andrew Morgan plans to integrate it in the main cvs

Ok now the second part:
In a large computer environment its also usefull to give the local
systemadministator root access on his machine. There was an alternative su 
package available which allowed an user to gain root access on the local 
machine with his own user password. So it would be nice if this feature is 
implemented in PAM. In the pam_wheel mechanism only the flags trust and 
deny are available.  So I inserted a this feature in this module
With the flag ownpass a user in the wheel group can switch to root if his
own userpasswordis correct. So there is no need to tell people the root 
password and the root switches can be logged. 

This two patches are attached in this mail and can also be downloaded on

Have fun 

 University of Regensburg

Attachment: pam_unix.01.04.06.diff.gz
Description: GNU Zip compressed data

Attachment: pam_wheel.01.04.06.diff.gz
Description: GNU Zip compressed data

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []