SuSE & PAM & Kerberos?

Jason Gerfen jason.gerfen at scl.utah.edu
Mon Jun 14 19:32:47 UTC 2004


Per the Linux-PAM Administrators guide:
Introduction-
....
This PAM library is configured locally with a system file, 
|/etc/pam.conf| (or a series of configuration files located in 
|/etc/pam.d/|) to authenticate a user request via the locally available 
authentication modules.
....
With this in mind using SuSE 9.0 I edit the /etc/pam.d/login file adding 
configuration options for the pam_krb5 options.  ex.
auth required pam_krb5.so
account [default=bad success=ok user_unknown=ignore service_err=ignore 
system_err=ignore pam_krb5.so
password sufficient pam_krb5.so

Logout & then log back in and I get nothing... using YaST2 I configure 
the kerberos client and it loggs in just fine.  I re-edit the 
/etc/rc.d/login file to remove references to pam_krb5.so and log back 
in.  Success.

My question is this, where is SuSE hiding the PAM module configuration?  
I can add the module I wrote which does nothing more than get the user 
name and place it into the syslog to the /etc/rc.d/su & sudo files and 
when I log in they are recognized but if I add the same entry to the 
/etc/rc.d/login file I get nothing?

I have scoured their knowledge base on this and have found nothing in 
regards to manually configuring the pam modules to run at 'login'.  Well 
besides the general configuations I have described above anyways.

Anyone out there experiece this as well?  And if so how were you able to 
get around it?

-- 
Jason Gerfen

"...Sometimes I just yell at myself. And it
 makes me sad, sometimes I make myself cry..."
			~ My nephew Dawsyn






More information about the Pam-list mailing list