[Klug-general] help with pam

Peter Childs pchilds at bcs.org
Wed Sep 30 13:23:53 UTC 2009

Does anyone have any idea whats wrong with my pam setup...

famous last words

auth required pam_nologin.so
auth sufficient pam_pgsql.so likeauth nullok
auth sufficient pam_unix.so likeeauth nullok try_first_pass
auth required pam_deny.so

I think this means if either pam_pgsql (postgres database of
passwords) or pam_unix accepts the password, let me in
else don't But currently it seams to only let me in if the Unix
password is correct (Currently they are different) they should be in
sync but I've not worked out a good way to do this yet as the postgres
database is shared between about 10 machines.

I know the postgres database is checked because if the unix password
does not exist at all I can still get in. Its just I have a unix
password incase the network is down....

Any ideas

oh and is there a way to keep them all in sync nice and simply. I only
need the unix password for times when my network breaks which while
this does not happen very often it does happen from time to time....

Might have to think about doing a meet on pam.....


More information about the Kent mailing list