FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux General Discussion

LinkBack Thread Tools
Old 07-02-2012, 03:26 PM
Arno Gaboury
Default shadow upgrade /pam configuration files

Dear list,

I messed up my box yesterday when upgrading shadow, and trying to
understand and merge /etc/pam.d/login with login.pacnew.

I thought it was worth adding the four lines of login.pacnew to my
actual login file. But in this case, I found myself with a box login one
user, me, on two Tty, asking for the password twice at the console login
prompt, then when X started, all GUI apps were very long to diplay
contents, and when I loged off/loged in, I could see I had two last
login on Tty messages . So I reverted to my original /etc/pam.d/login.
Now everything is OK, but I am wondering if this denial of taling into
account the login.pacnew would leave my system unstable.

TY for help and hints, as PAM and shadow are both quite obscure to me
when it comes to configure.

Below is my actual /ect/pam.d/login . Not sure it is well configured !

#root is NOT allowed to login
auth required pam_securetty.so
#check user is allowed to login
auth requisite pam_nologin.so
#auth include system-local-login
#default aut settings
#auth include system-auth
auth required pam_unix.so shadow nullok
auth required pam_tally.so onerr=succeed

# use this to lockout accounts for 10 minutes after 3 failed attempts
#auth required pam_tally.so deny=2 unlock_time=600
onerr=succeed file=/var/log/faillog

#account include system-local-login
# include the default account settings
#account include system-account
#check access for user
account required pam_access.so
account required pam_time.so
account required pam_unix.so
#password required pam_cracklib.so difok=2 minlen=8 dcredit=2
ocredit=2 retry=3

#password required pam_unix.so sha512 shadow use_authtok
#session include system-local-login
session required pam_unix.so
#set default environment for user
session required pam_env.so
session required pam_motd.so
session required pam_limits.so
session optional pam_mail.so dir=/var/spool/mail standard
session optional pam_lastlog.so
session optional pam_loginuid.so
-session optional pam_ck_connector.so nox11
-session optional pam_systemd.so
Old 07-02-2012, 10:10 PM
Kevin Chadwick
Default shadow upgrade /pam configuration files

> TY for help and hints, as PAM and shadow are both quite obscure to me
> when it comes to configure.

Needlessly too and it's not on it's own.

Unix philosophy of write programs that do one thing and do it well.
Write programs to work together. Write programs to handle text streams,
because that is a universal interface (Doug McIlroy).

I wonder, if he had wrote that today, if he would have added write
programs that are easily and intuitively controlled in one or very few
well commented textual config files. Though I guess he probably would
have figured that was obvious and didn't need saying.

__________________________________________________ ______

Why not do something good every day and install BOINC.
__________________________________________________ ______

Thread Tools

All times are GMT. The time now is 09:45 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org