Date: Tue, 24 Feb 2009 20:47:00 +0530 From: Ivan Grover <ivangrvr299@gmail.com> To: freebsd-security@freebsd.org Subject: PAM rules inside pam.d Message-ID: <670f29e20902240717m49f53bfx67166c151c01384b@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi All, I had PAM rules for my own service as below: auth required /lib/security/pam_securetty.so auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_deny.so This used to work properly in my older PAM libraries. For successfull authentication, it used to return from pam_stack.so as system-auth has sufficient in its rules as below and it doesnt pass below the stack to pam_deny.so auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth required /lib/security/$ISA/pam_deny.so Now, after upgrading PAM modules (pam_unix.so, pam_stack.so..) and library, It doesnt work, To make it work, I need to remove the last one, pam_deny.so as below. auth required pam_stack.so service=system-auth auth required pam_nologin.so Can any one please let me know if you have seen similar problem. Any suggestions/comments, please advice.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?670f29e20902240717m49f53bfx67166c151c01384b>