[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

a few more easy pam questions

  after reading a lot more of the documentation and checking out the
config files, a few more questions (and i'm always open to pointers
to *really* good pam tutorials :-).

  first, a question or two about the /etc/pam.d/system-auth file,
reproduced here:

  # This file is auto-generated.
  # User changes will be destroyed the next time authconfig is run.
  auth        required      /lib/security/pam_env.so
  auth        sufficient    /lib/security/pam_unix.so likeauth nullok
  auth        required      /lib/security/pam_deny.so

  account     required      /lib/security/pam_unix.so

  password    required      /lib/security/pam_cracklib.so retry=3 type=
  password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5 shadow
  password    required      /lib/security/pam_deny.so

  session     required      /lib/security/pam_limits.so
  session     required      /lib/security/pam_unix.so

the "likeauth" argument for pam_unix.so in the "auth" section doesn't
seem to be documented, as far as i can see.  any hint as to what it

  also, a number of the other config files use the "pam_stack.so"
module to recurse into system-auth.  given that the system-auth file
lists all four module types, i'm assuming that the only ones that
will be incorporated into the recursive call are those lines that match
the module of the "calling line", if i can call it that.  is this
correct?  it only makes sense, but the man page for "pam_stack"
doesn't state it explicitly.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []