|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Ivan Grover (ivangrvr299
gmail.com)
Date: Tue Sep 23 2008 - 02:44:06 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Thanks a lot. Please corrrect if my understanding below is what you have
suggested.
create a separate service conf file such as lockout-users in /etc/pam.d,
then in my service conf file, i write like this
auth required pam_stack.so service=lockout-users
After that whenever i want to disable the lockout, just edit the
/etc/pam.d/lockout-users file
and comment as below:
#auth required pam_able.so
Best Regards,
Ivan
On Mon, Sep 22, 2008 at 1:17 PM, Dag-Erling Smørgrav <desdes.no> wrote:
> "Ivan Grover" <ivangrvr299gmail.com> writes:
> > Suppose i dont want to enable locking of users, then one solution i
> > can think of is to share a common database across application and pam
> > modules. The application sets the flag which indicates, if pam_able
> > is included or not. Then pam_abl module will look into this database
> > and then return simply PAM_SUCCESS always or process the user
> > lockouts.
>
> Put pam_able in a separate policy that you include in the others.
> Whenever you want to disable it, just comment out the contents of that
> policy.
>
> DES
> --
> Dag-Erling Smørgrav - desdes.no
>
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]