[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

pam_listfile segfault with winbind



Hi,

for some reasons, i want to check if a user is in a given set of groups. Groups and user data come from a PDC (via winbind) - up to this point everything works. I then tried to use pam_listfile to check the group membership of the user against a group list. To check, i set up /etc/pam.d/su
on
---8<------
auth required pam_listfile.so \
onerr=fail item=group sense=allow file=/etc/sulist
auth sufficient pam_rootok.so
auth required pam_warn.so
auth sufficient pam_winbind.so
auth required pam_unix.so use_first_pass shadow nullok


account    sufficient pam_winbind.so
account    required   pam_unix.so
session    required   pam_unix.so
--->8-----

When I tried to 'su' to a domain users account, i got a segfault. I tried to add 'debug' to the pam_listfile line and got segfaults whenever i used su ... After some searchin on the net, I found a posting from Michael Tokarev Dec 16 2000 on this list, where he announced a replacement for pam_listfile. I compiled and installed that version and it works as it should.


BTW. I used LinuxPAM (0.72) as it comes with debian 2.2, but beside somw additional defines, the curren version of pam_listfile is still the same.


Ciao
Andreas







[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []