Date: Tue, 29 Nov 2005 18:34:13 -0500 From: Jason Williams <jason@seanet.com> To: Andrea Venturoli <ml.diespammer@netfence.it> Cc: freebsd-questions@freebsd.org Subject: Re: KDE and PAM Message-ID: <54EAAF7C-8514-44CE-B2DB-7C6BDE93D2FF@seanet.com> In-Reply-To: <438891E6.7040706@netfence.it> References: <438891E6.7040706@netfence.it>
next in thread | previous in thread | raw e-mail | index | archive | help
On Nov 26, 2005, at 11:48 AM, Andrea Venturoli wrote: > Hello. > I've got a problem. > I'm using KDE 3.4.3 on a 5.4p8 system: simply it does not check for > password!!! > At login (using kdm) I just enter my username and can leave the > password field blank or type whatever I want. The same happens > after the screen saver has locked up my session. > Here's my /etc/pam.d/kde: > > # > # $FreeBSD: src/etc/pam.d/kde,v 1.6 2003/04/30 21:57:54 markm Exp $ > # > # PAM configuration for the "kde" service > # > > # auth > auth required pam_nologin.so no_warn > #auth sufficient pam_krb5.so no_warn > try_first_pass > #auth sufficient pam_ssh.so no_warn > try_first_pass > #auth required pam_unix.so no_warn > try_first_pass > auth sufficient /usr/local/lib/pam_smb_auth.so > > # account > #account required pam_krb5.so > account required pam_unix.so > > # session > #session optional pam_ssh.so > session required pam_permit.so > > > > > I've tryed googling, but I only came up either with vulnerability > reports for older KDE releases (which should have been corrected) > or with hints which are specific to some particular Linux-based OS. > Any hiny appreciated. > > BTW, I'm also using nss_ldap, in case it matters, and text console > login works fine. > > bye & Thanks > av. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" > Andrea, The freebsd website has a excellent section on the pam module that REALLY helped me out. I believe you will find the answer in there. Here is a link: http://www.freebsd.org/doc/en_US.ISO8859-1/articles/pam/index.html I would suggest that you probably need something like the following for the auth section in /etc/pam.conf (FreeBSD 5.4) or in /etc/pam.d/ system (FreeBSD 6): # auth auth required pam_nologin.so no_warn #auth sufficient pam_krb5.so no_warn try_first_pass #auth sufficient pam_ssh.so no_warn try_first_pass auth sufficient pam_unix.so no_warn try_first_pass auth required /usr/local/lib/pam_smb_auth.so The "required" for pam_smb_auth.so will stop login from authenticating without a password. Jason Williams jwilliams@newhaven.edu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54EAAF7C-8514-44CE-B2DB-7C6BDE93D2FF>