How do I...?
The Big Guy
HotShit at RingBurn.com
Tue Oct 30 22:12:10 UTC 2007
Hello,
As a guy who's built his own distro up from source
code, this seems pretty straight forward to me.
If you want a password-less "single user" local
login, then try replacing the /sbin/mingetty entries in
/etc/inittab with /bin/sh That will leave you with root
shells on each of the console ttys. Alternatively, you
can spawn a shell on a tty directly from your init
binary (my embedded distro doesn't have an inittab; but
your Redhat distros will).
If you want a password-less "single user" remote
login, then you'll need to get a copy of Netcat that
supports command execution (the "-e" option) and
set yourself up a script that says something like;
nc -l -p 23 -e /bin/sh -d
Optionally this could be tweaked to work out of
/etc/inetd.d/something (if you run an inetd) ... YMMV
However you deploy it, make sure it respawns or
you'll only every get one user on.
For what its worth, once you have more that one
user in your environment, you want to have security;
no matter how isolated those 2+ users are.
----- Original Message -----
>From: "Stephen Goggin" <sgoggin at NetEffect.com>
>To: "Pluggable Authentication Modules" <pam-list at redhat.com>
>Subject: RE: How do I...?
>Date: Tue, 30 Oct 2007 21:09:23 -0500
>
> Because our software team's code has only been guaranteed
on those 3 OS'
>
>
>
>
>
> Stephen Goggin
>
> Test Engineer
> NetEffect, Inc.
> 9211 Waterford Centre Blvd.
> Austin, TX 78758
> Email: sgoggin at neteffect.com
>
> 512.493.3232 :Desk
> 512.983.1939 :Mobile
> 512.493.3393 :Fax
>
> -----Original Message-----
> From: pam-list-bounces at redhat.com
[mailto:pam-list-bounces at redhat.com]
> On Behalf Of Gary L. Greene Jr.
> Sent: Tuesday, October 30, 2007 1:02 PM
> To: Pluggable Authentication Modules
> Subject: Re: How do I...?
>
> On Tuesday 30 October 2007 09:28:39 am Stephen Goggin wrote:
> > No no.
> >
> > The problem is this:
> >
> > I have a PXE server set up and working. I set up a
system and made a
> PXE
> > image of it.
> >
> > When I PXE boot a system, it hangs before the login prompt.
> >
> > I had seen this once before, and commenting a line from
a file in
> > /etc/pam.d/ fixed it.
> >
> > I haven't been able to find the solution now that it has
arisen again
> > (We re-made the PXE image)...
> >
> > So, I posted to some forums and this mailing list, and
didn't get any
> > replies at all.
> >
> > So, now I want to set up a new system, in either
RHEL4U4, FC4, or FC5,
> > with *NO* PAM anywhere on the machine at all, so that it
won't get in
> > the way in the future.
> >
> > We have no security needs AT ALL. We're using rlogin
with cleartext,
> and
> > rebooting each station approximately every 3 minutes, so
security
> means
> > nothing to us...
> >
> >
> > I appreciate all the help you've provided thus far!
> >
> >
> >
> > Stephen Goggin
> >
> > Test Engineer
> > NetEffect, Inc.
> > 9211 Waterford Centre Blvd.
> > Austin, TX 78758
> > Email: sgoggin at neteffect.com
> >
> > 512.493.3232 :Desk
> > 512.983.1939 :Mobile
> > 512.493.3393 :Fax
> >
> > -----Original Message-----
> > From: pam-list-bounces at redhat.com
[mailto:pam-list-bounces at redhat.com]
> > On Behalf Of Barry Brimer
> > Sent: Tuesday, October 30, 2007 11:13 AM
> > To: Pluggable Authentication Modules
> > Subject: RE: How do I...?
> >
> > Maybe I am not fully understanding your question. Are
trying to have
> a
> > system
> > that doesn't provide a login prompt whatsoever .. but
automatically
> logs
> > in and
> > provides a shell .. runs a program, etc? My solution
was to not
> require
> > a
> > password to a login.
> >
> > Quoting Stephen Goggin <sgoggin at NetEffect.com>:
> > > Thanks for the quick reply!
> > >
> > > However, this didn't do the trick, it still gives no
login prompt...
> > >
> > >> -----Original Message-----
> > >
> > > From: pam-list-bounces at redhat.com
> [mailto:pam-list-bounces at redhat.com]
> > > On Behalf Of Barry Brimer
> > > Sent: Monday, October 29, 2007 5:14 PM
> > > To: Pluggable Authentication Modules
> > > Subject: RE: How do I...?
> > >
> > >
> > > 1. Backup /etc/pam.d
> > > 2. Have a bootable CD that you can use to regain
access to your
> >
> > system
> >
> > > if this
> > > encounters any issues.
> > > 3. Double check steps 1 and 2.
> > > 4. Open 2 root terminals in case you accidentally
close one of them
> > > 5. Delete the contents of the /etc/pam.d directory
> > > 6. Create a file named 'other' in /etc/pam.d
> > > 7. Put the following in /etc/pam.d/other
> > >
> > > auth sufficient pam_permit.so
> > > account sufficient pam_permit.so
> > > password sufficient pam_permit.so
> > > session sufficient pam_permit.so
> > >
> > > 8. Test.
> > > 9. If this doesn't work, replace sufficient with
required in all
> >
> > lines
> >
> > > above.
> > >
> > > Quoting Stephen Goggin <sgoggin at NetEffect.com>:
> > > > All of the above. I've spent a week trying to find
the answer to
> my
> > >
> > > diskless
> > >
> > > > RHEL4 setup, and I'm sure my boss expected more
results. No one on
> >
> > any
> >
> > > > mailing lists or web forums were of any help
whatsoever...
> > > >
> > > > So, Our PXE network is entirely contained. We don't
even need the
> > >
> > > security we
> > >
> > > > have using cleartext over rlogin, which is none...
> > > >
> > > > I need a small, simple setup with scanpci and rlogin
to run tests
> > >
> > > on...
> > >
> > > > -----Original Message-----
> > > > From: pam-list-bounces at redhat.com on behalf of Barry
Brimer
> > > > Sent: Mon 10/29/2007 3:55 PM
> > > > To: Pluggable Authentication Modules
> > > > Subject: Re: How do I...?
> > > >
> > > > Quoting Stephen Goggin <sgoggin at NetEffect.com>:
> > > > > How would one go about setting up a RHEL4U4 or FC4
or FC5 box
> > >
> > > without any
> > >
> > > > PAM
> > > >
> > > > > whatsoever?
> > > >
> > > > What is your goal exactly? Elimintating PAM, having
logins that
> >
> > don't
> >
> > > > require
> > > > passwords, or something else entirely?
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > Pam-list mailing list
> > > > Pam-list at redhat.com
> > > > https://www.redhat.com/mailman/listinfo/pam-list
> > >
> > > _______________________________________________
> > > Pam-list mailing list
> > > Pam-list at redhat.com
> > > https://www.redhat.com/mailman/listinfo/pam-list
> > >
> > > _______________________________________________
> > > Pam-list mailing list
> > > Pam-list at redhat.com
> > > https://www.redhat.com/mailman/listinfo/pam-list
> > >
> > > !DSPAM:47275521302229235997293!
> >
> > _______________________________________________
> > Pam-list mailing list
> > Pam-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/pam-list
> >
> > _______________________________________________
> > Pam-list mailing list
> > Pam-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/pam-list
>
> Why not use a distribution that doesn't use PAM, like
Slackware? Reason
> I ask
> is that it will likely be far easier to eliminate all use
of PAM by
> using a
> distro that has decided not to use it at all.
>
> --
> Gary L. Greene, Jr.
> Sent from: peorth.tolharadys.net
> 10:55:27 up 5 days, 14:15, 1 user, load average: 0.10,
0.14, 0.16
>
========================================================================
> ==
> Developer and Project Lead for the AltimatOS open source
project
> Volunteer Developer for the KDE open source project
> See http://www.altimatos.com/ and http://www.kde.org/ for more
> information
>
========================================================================
> ==
>
> Please avoid sending me Word or PowerPoint attachments.
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
>
--
RingBurn.com
"Where there's smoke, there's fire"
More information about the Pam-list
mailing list