[nycbug-talk] PAM gurus?
spork at bway.net
Tue Aug 14 20:15:23 EDT 2007
I'm having some issues getting telnet + pam_mysql playing well together.
If I connect to the host with a modern telnet client with SRA auth, all is
well. If I use a standard telnet client, the pam auth fails. What I
think is happening is that with SRA auth, telnetd is doing the auth (ie:
/etc/pam.d/telnetd pam config applies). But when SRA is not being used,
the login tasks are passed to /bin/login. I'm trying to get the
/etc/pam.d/login pam setup right, but the default config has an option
that I'm not finding in the Free/NetBSD PAM handbooks/manpages.
auth required pam_nologin.so no_warn
auth sufficient pam_self.so no_warn
-->>auth include system
auth required pam_mysql.so host=...
I see "required, sufficient, requisite, binding, optional" in the manpage,
but I'm lost on what "include" is or how it affects the other lines. If I
remove it, things work. I'm worried about just what it did though...
Anyone know anything about this? And do I assume "system" means direct
auth via the standard passwd db?
Bway.net - New York's Best Internet - www.bway.net
spork at bway.net - 212.655.9344
More information about the talk