pam_group.so no tty entry
Andreas Unterkircher
unki at netshadow.at
Tue Jan 23 07:34:06 UTC 2007
I guess I was now able to locate the issue.
It looks like the read_field function doesn't like # comment lines.
As soon as I removed any comment from the file (like below) and only
have the two elementary lines, the warning message disappears:
# ######################################################################
# --- This file is under control of central configuration management ---
#
# For further informations see https:...
# ######################################################################
# the syntax of the lines is as follows:
#
# services;ttys;users;times;groups
#
*; *; unki; Al0000-2400; adm
*; *; lefant; Al0000-2400; adm
#
# End of group.conf file
#
Andreas
Quoting Andreas Unterkircher <unki at netshadow.at>:
> Hello,
>
> We are using pam_group.so to dynamically add our LDAP-based
> admin accounts to the "adm" group to be able to read syslog
> files without sudo under Debian.
>
> Basically it works perfectly - the only issue we have is that
> the syslog is now filled up with lines like:
>
> pam_group[11483]: /etc/security/group.conf; no tty entry #1
> pam_group[29319]: couldn't get the tty name
>
> Our /etc/security/group.conf contains two lines:
> *; *; admin1; Al0000-2400; adm
> *; *; admin2; Al0000-2400; adm
>
> What I can read from the example comments a wildcard is
> supported in the tty-column. But as far as I be able to read
> from the source the error is generated because * is not a
> vaild shell according /etc/securetty. Basically we only need
> it for ssh - but tty* or pts* is not working.
>
> What is the point in still showing up this log message on a
> wildcard match?
>
> Regards,
> Andreas
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
>
>
More information about the Pam-list
mailing list