[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

pam_nologin module and sshd



Hi,

I have pam-0.72-37 and openssh-2.3.0p1 installed. The /etc/pam.d/sshd
looks like this:
#%PAM-1.0
auth       required     /lib/security/pam_pwdb.so shadow nodelay
auth       required     /lib/security/pam_nologin.so debug
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so shadow use_authtok
session    required     /lib/security/pam_pwdb.so
session    required     /lib/security/pam_limits.so

The problem is when there is /etc/nologin present users other than root
can still ssh in to box.
    [root@distro /root]# ls -l /etc/nologin
    -rw-r--r--    1 root     root           10 Apr 20 10:21 /etc/nologin

    [root@distro /root]#

I attach an strace to sshd and I see that the module is opened
    593   open("/lib/security/pam_nologin.so", O_RDONLY) = 5

And I can see that the reference to the correct file (/etc/nologin) got
compiled into the module
    [root@distro /root]# strings /lib/security/pam_nologin.so |grep
nologin
    pam_nologin.so
    /etc/nologin
    [root@distro /root]#

Any ideas would be greatly appreciated.

Pete

begin:vcard 
n:O'Hara;Pete
x-mozilla-html:FALSE
org:Guardian Digital, Inc.
adr:;;;;;;
version:2.1
email;internet:pete@guardiandigital.com
x-mozilla-cpt:;-8352
fn:Pete O'Hara
end:vcard

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []