|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [discuss] su, msec and password
From: Vincent Danen (vdanen
mandrakesoft.com)
Date: Mon Oct 06 2003 - 10:37:07 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon Oct 06, 2003 at 02:25:34PM +0200, Matthieu Turpault wrote:
> OK, thanks
>
> With your /etc/pam.d/su file, it's OK.
>
> In fact, I have just installed my Mandrake 9.1 and I have copied all file
> of a server working with Mandrake 8.2 in the folder "/etc/pam.d".
That's actually a really bad idea. PAM has changed quite a bit from 8.2 to
9.1, and you shouldn't copy your pam files from an 8.2 install to 9.1...
you're likely to find other things breaking because of that.
> > Is there a good reason why you are customising each pam service file? By
> > default, all services use pam_stack, which basically imports the
> > settings in /etc/pam.d/system-auth. So, to achieve LDAP authentication
> > for all services, you just need to modify /etc/pam.d/system-auth (or
> > choose LDAP authentication during installation).
> >
> > This is how our /etc/pam.d/su looks:
--
MandrakeSoft Security; http://www.mandrakesecure.net/
Online Security Resource Book; http://linsec.ca/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (Darwin)
iD8DBQE/gYwjIEPQ5f5vKv0RAusRAJ9V7hFOkg4AAiyuOMFe1KWmo1EHNQCgiNHq
N0edxXWMWEixFkuywTtFp4I=
=oG7v
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]