On 7 May 1998, James Youngman wrote:
> The following message is a courtesy copy of an article
> that has been posted to vggas.lists.redhat.redhat-list as well.
>
> >>>>> "lh" == Lawrence Houston <[EMAIL PROTECTED]> writes:
>
> lh> RH Users: Last year Cristian asserts that LOGIN lost its support
> lh> for "/etc/usertty" when it was PAMified. Within the context of
> lh> RH 4.2 this is appearently still the case, any ideas when it (or
> lh> an equivalent) might be re-instroduced?
>
> It is not required. You can just do it with PAM (that's the whole
> point of PAM). You could add a line like this to
> /etc/pam.d/login:-
>
> auth required /lib/security/pam_listfile.so \
> item=tty sense=allow apply=user file=/etc/usertty onerr=succeed
>
> (That was all supposed to be on one line). The idea of
> "onerr=succeed" is that if /etc/usertty is missing, anybody can log in
> on any tty. See /usr/doc/pam*/html/pam.html for more details.
>
> (This was done using PAM-0..59-5, but I suspect that the RH 4.2 version
> of PAM will allow the same thing).
James:
Although I achived my objectives with RH 4.2's PAM, I find this solution
is NOT as "tidy" as LOGIN using /etc/usertty directly. For systems with
configurations with more "complicated" than mine, LOGIN's original scheme
might still make more sense?
Thanks for your suggestion, I was NOT aware PAM had that ability! I now
see the FTP Daemon's /etc/ftpusers is also being accomplished with
"pam_listfile"?
Lawrence Houston - ([EMAIL PROTECTED])
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
