PAM and arla
Herbert Huber
Herbert.Huber at lrz-muenchen.de
Wed Jul 21 17:50:49 CEST 1999
I installed arla 0.25 and Tobias Schaefer's pam_linux_afs completely new
on one of my machines today.
The /etc/pam.d/login file has the following entries:
#%PAM-1.0
auth sufficient /lib/security/pam_linux_afs.so try_first_pass
ignore_root setpag
auth required /lib/security/pam_unix_auth.so
account required /lib/security/pam_unix_acct.so
password required /lib/security/pam_unix_passwd.so
session sufficient /lib/security/pam_linux_afs.so authenticate
session required /lib/security/pam_unix_session.so
Since Tobias module neeeds a working pagsh under /usr/afsws/bin. I
copied the pagsh which comes with
krb4-0.9.9 to this directory. Second I also copied Tranarcs klog to
/usr/afsws/bin.
Using this configuration, the token is not passed to the user during
login. Without the setpag option one sees that the token is granted to
root.
/Herbert
More information about the Arla-drinkers
mailing list