Problem with user root
Tay, Gary
Gary_Tay at platts.com
Fri May 21 09:00:46 UTC 2004
Hi,
Just guessing, u may want to add "rootok" somewhere...
See /usr/share/doc/pam-0.75/txts/README.pam_rootok, and all text files
in the txts dir.
Rgds
Gary
# $Id: README,v 1.1.1.1 2000/06/20 22:11:56 agmorgan Exp $
#
this module is an authentication module that performs one task: if the
id of the user is '0' then it returns 'PAM_SUCCESS' with the
'sufficient' /etc/pam.conf control flag it can be used to allow
password free access to some service for 'root'
Recognized arguments:
debug write a message to syslog indicating success or
failure.
module services provided:
auth _authentication and _setcred (blank)
Andrew Morgan
-----Original Message-----
From: pam-list-bounces at redhat.com [mailto:pam-list-bounces at redhat.com]
On Behalf Of Javier Ferruz Rodriguez
Sent: Friday, May 21, 2004 4:23 PM
To: pam-list at redhat.com
Subject: Problem with user root
Hi,
I've configured my RHEL 2.1 AS for authentication users in LDAP. My LDAP
server is SunOne Directory 5.2
My /etc/nsswitch.conf file is
password files ldap
group files ldap
shadow files ldap
My /etc/pam.d/login
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_mkhomedir.so skel=/etc/skel
umask=0022
session optional /lib/security/pam_console.so
My /etc/pam.d/system-auth is
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth sufficient /lib/security/pam_ldap.so use_first_pass
auth required /lib/security/pam_deny.so
account required /lib/security/pam_unix.so
account [default=bad success=ok user_unknown=ignore
service_err=ignore
system_err=ignore] /lib/security/pam_ldap.so
password required /lib/security/pam_cracklib.so retry=3 type=
password sufficient /lib/security/pam_unix.so nullok use_authtok
md5
shadow
password sufficient /lib/security/pam_ldap.so use_authtok
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
session optional /lib/security/pam_ldap.so
The configuration is OK when the LDAP server is running. All users are
validated in the LDAP server except root.
When the LDAP server is down, root can't validate in the system. Why?
Can anybody help me?
Thanks in advance,
_________________________________________________________________
Add photos to your e-mail with MSN 8. Get 2 months FREE*.
http://join.msn.com/?page=features/featuredemail
_______________________________________________
Pam-list mailing list
Pam-list at redhat.com https://www.redhat.com/mailman/listinfo/pam-list
More information about the Pam-list
mailing list