pam_access.so user&hostname based access problems.
Sysadmin
sysadmin at e-positive.ee
Thu Apr 13 06:08:59 UTC 2006
Tere.
>
> IMHO this translates to:
>
> +:group1:ALL
> +:group2:172.0.0.
> -:ALL:ALL
>
>
Thank You, almost, but network path didn't work, so now I use:
+:group1:ALL
+:group2:172. 192.
-:ALL:ALL
Btw, I found some old post about different access.conf patch -
http://groups.google.com/group/linux.redhat.pam/browse_frm/thread/7ed3a429d9fb6b6c/f1ee1e4afb48ee26?lnk=st&q=pam_access.so&rnum=7#f1ee1e4afb48ee26
I create this simple patch for *pam_access; so* you can specify a diferent
access.conf file for every service (Or the default
/etc/security/access.conf, if not specified). For ex:
/etc/pam.d/sshd
#specify accessfile
account required /lib/security/*pam_access.so*
accessfile=/etc/security/access.sshd.conf
/etc/pam.d/login
#default accessfile
account required /lib/security/*pam_access.so*
This patch isn't anymore available and seems latest pam doesn't include
it, so the question is how to use different rules for different daemon?
--
Sysadmin
More information about the Pam-list
mailing list