pam_unix nonexistent user vs. invalid password
Matus UHLAR - fantomas
uhlar at fantomas.sk
Thu Feb 18 19:21:35 UTC 2016
>On St, 2016-02-17 at 13:53 +0100, Matus UHLAR - fantomas wrote:
>> can I differ between nonexistent user and invalid password in
>> pam.conf?
>>
>> I want invalid user to be left for next authentication module, but
>> invalid
>> password to be rejected, so other people can not override password I
>> set for
>> local users.
>>
>> I currently have:
>>
>> auth [success=2 default=ignore] pam_unix.so nullok_secure
>>
>> I have tried to add "auth_err=die" but that caused remot logins to be
>> refused too...
On 17.02.16 14:28, Tomas Mraz wrote:
>Unfortunately that does not work. You can use pam_localuser before
>pam_unix and jump over it for non-local users.
I don't want to jump over pam_unix for non-local users.
I guess jumping over pam_winbind for local users would do that.
Is that possible?
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Quantum mechanics: The dreams stuff is made of.
More information about the Pam-list
mailing list