Problem with pam_access
Jon Miller
jonebird at gmail.com
Wed Feb 11 12:52:49 UTC 2009
Typically pam_access is used in targeting select groups or netgroups. If you
trying to restrict access based on the source IP address, then the best
option for accomplishing that is using iptables. Even if you are still
targeting select groups to have access, I would still recommend combining
iptables for just the IP restrictions.
-- Jon Miller
On Wed, Feb 11, 2009 at 7:38 AM, bluesman <bluesman at bluesman.it> wrote:
>
> Hi Guys,
> My first mesage to this list, so nice to meet you :) Here's the problem:
> In order to restrict access to our clients, we are implementing pam_access
> module. The configuration is working fine, but there is some problem in
> defining the "from" field.
> During the authentication, if the module is able to (reverse) resolve the
> IP, it *wants* to find the DNS name in the access.conf, ignoring the line
> even if the IP or subnet is defined. As a workaround, i added all DNS names
> and IP in the config. but this will make impossible for me to define IP
> ranges.
> Do someone know how to solve this problem?
>
> Hope I've been clear enough.
> Thanks in advance.
>
> Diego Roccia
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pam-list/attachments/20090211/1c115d32/attachment.htm>
More information about the Pam-list
mailing list