NIS and PAM
Nathan Yocom
nate at yocom.org
Sat Dec 25 11:54:02 UTC 2004
In my experience, when using passwd: nis files in nsswitch.conf, running
'passwd' actually uses the PAM stack to change the password then sets
the password against NIS as well. Admittedly this was with a Solaris
system and some time ago though, but maybe you need to try the other
direction? (i.e. get passwd/PAM to use NIS rather than get NIS/yppasswd
to use PAM)
Nate
Ted Beaton wrote:
>Does anyone know how to force yppasswd to go through pam_cracklib.so? I am
>building a small lan that can be classified or unclassified depending on
>which set of removable drives are put in the machines. It's a convoluted
>path that led me to this set up but the bottom line is, without
>pam_cracklib.so I don't know how to enforce the required complexity of
>passwords and I haven't been able to figure out how to get yppasswd to use
>pam_cracklib.so. My understanding is yppasswd on the client just talks
>directly to the NIS server which updates it's own password databases and it
>bypasses pam completely. Or is there some other module or method by which I
>can do this? My fall back is make it so no one can change the passwords but
>me but I have a feeling the Defense Security Service would prefer it was
>enforced by an application.
>
>Ted
>
>_______________________________________________
>Pam-list mailing list
>Pam-list at redhat.com
>https://www.redhat.com/mailman/listinfo/pam-list
>
>
More information about the Pam-list
mailing list