|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Wendy Palm (wendy
cray.com)
Date: Wed Jan 28 2009 - 19:13:49 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I can't test the getent command right now. we have a workaround in
place that I'd have to disengage to test it out.
I'm at SP1. Pam version in SP1 is 0.99.6.3-28.8 and didn't change in
sp2 - are there any specific packages you might recommend updating to
sp2? It's not feasible for me to wholesale change the whole system to
sp2, so targeting packages for experimentation would be easier.
From: pam-list-bouncesredhat.com [mailto:pam-list-bouncesredhat.com]
On Behalf Of Jon Miller
Sent: Wednesday, January 28, 2009 6:06 PM
To: Pluggable Authentication Modules
Subject: Re: pam list size limit?
Are you sure the issue is with pam_access? How many entries do you get
when you run "getent group <grpname>" ?
Finally, what level SP are you at on your SLES10 machine? If you're not
at SP2, you could try updating to that. I've found SP2 to have solved a
lot of issues.
-- Jon Miller
2009/1/28 Wendy Palm <wendycray.com>
We have a site that uses pam to regulate user logins, and has a unix
group in excess of 2500 user entries which is specified in the
access.conf file.
They were running SLES9 (pam-0.77-221.4) and had no problems. However,
updating to SLES10 (pam-0.99.6.3-28.8), they are now having problems
with the group list truncating at about 1100 user entries.
Was some default limit changed? I checked the archives, but didn't see
anything blatent announcing this. I checked the ChangeLog in the source
code and found an entry that is suspicious (2005-12-21 Tomas Mraz
simplifying evaluate_ingroup), but again, nothing blatent.
What is the limit? How can I change it (preferably without
recompiling)? Is this at all possible?
Thanks,
Wendy
---------------------------------
Wendy Palm
Security Software Engineer
wendy at cray dot com
_______________________________________________
Pam-list mailing list
Pam-listredhat.com
https://www.redhat.com/mailman/listinfo/pam-list
_______________________________________________
Pam-list mailing list
Pam-listredhat.com
https://www.redhat.com/mailman/listinfo/pam-list
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]