Ok, somewhere, something has gotten wiggy (great techical term!) on one of my machines at work. The system was 5.2, now I've just done a complete rebuild and it's 6.1. Problem is, I need to be able to login directly as root to the system... no sweat, a couple of quick mods to /etc/pam.d/login to change a couple of requireds to sufficients, and it should work, so saith I. I still require the user to enter the password, but root may now login directly.... and root can. Problem is, that root gets TWO password queries now before the second "takes".... and that's ruining the reason I need root to be able to login directly, a secure machine is going in to do backups, and the software requires root access (it's commercial, or I would change it so that it can login and su to root). Why in the world is it requiring 2 passwords? Note, this is a secure machine, with a fresh install of 6.1... it's NOT compromised (and even if it was, only three people can get to it... it's on a secure network, with the ultimate firewall, no external connectivity, so it's not a trojan horse :) I'm going to copy in my login file, and maybe someone can point out what I've done wrong.... I've done it enough before that I >THOUGHT< I knew how to do it... but I've never opened a 6.1 machine, only 5.2 machines.... ----------------------------------------------------- #%PAM-1.0 auth sufficient /lib/security/pam_securetty.so auth sufficient /lib/security/pam_pwdb.so shadow nullok auth required /lib/security/pam_nologin.so account required /lib/security/pam_pwdb.so password required /lib/security/pam_cracklib.so password required /lib/security/pam_pwdb.so nullok use_authtok md5 shadow session required /lib/security/pam_pwdb.so session optional /lib/security/pam_console.so ------------------------------------------------------ Ok, so what am I doing wrong? Originally, the two auths that are now sufficient were required. Bill Ward -- To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject.
