From owner-freebsd-security Thu Jan 18 4:58:55 2001 Delivered-To: freebsd-security@freebsd.org Received: from gratis.grondar.za (grouter.grondar.za [196.7.18.65]) by hub.freebsd.org (Postfix) with ESMTP id CB16137B400 for ; Thu, 18 Jan 2001 04:58:34 -0800 (PST) Received: from grondar.za (root@gratis.grondar.za [196.7.18.133]) by gratis.grondar.za (8.11.1/8.11.1) with ESMTP id f0ICwOI41753; Thu, 18 Jan 2001 14:58:24 +0200 (SAST) (envelope-from mark@grondar.za) Message-Id: <200101181258.f0ICwOI41753@gratis.grondar.za> To: "David J. MacKenzie" Cc: freebsd-security@FreeBSD.ORG Subject: Re: full PAM support for login, rshd, and su References: <20010117214735.E7DAD46BC@dagger.web.us.uu.net> In-Reply-To: <20010117214735.E7DAD46BC@dagger.web.us.uu.net> ; from "David J. MacKenzie" "Wed, 17 Jan 2001 16:47:35 EST." Date: Thu, 18 Jan 2001 14:58:31 +0200 From: Mark Murray Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > The FreeBSD (4.2-STABLE) login has only partial PAM support; it > supports PAM authentication, but not account management or sessions. > I want to use a locally written PAM module that restricts logins based on > a DB file lookup, but the account management function is necessary for > that. The FreeBSD rshd and su don't have any PAM support. Cool! I'll start testing immediately! > Below are patches to add full PAM support to those programs. I > haven't tackled adding PAM to the FreeBSD ftpd so far, because I use > proftpd which already has it. I'd be most grateful if you could add this to our ftpd, if you have the time. > I haven't looked at Heimdal or krb4, as the relevant utilities from > them don't seem to be installed on FreeBSD, and my company has > standardized on MIT krb5. I'll work on that. M -- Mark Murray Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message