[Klug-general] help with pam

Peter Childs pchilds at bcs.org
Wed Sep 30 14:04:29 UTC 2009


2009/9/30 Peter Childs <pchilds at bcs.org>:
> Does anyone have any idea whats wrong with my pam setup...
>
> famous last words
>
> auth required pam_nologin.so
> auth sufficient pam_pgsql.so likeauth nullok
> auth sufficient pam_unix.so likeeauth nullok try_first_pass
> auth required pam_deny.so
>
> I think this means if either pam_pgsql (postgres database of
> passwords) or pam_unix accepts the password, let me in
> else don't But currently it seams to only let me in if the Unix
> password is correct (Currently they are different) they should be in
> sync but I've not worked out a good way to do this yet as the postgres
> database is shared between about 10 machines.
>
> I know the postgres database is checked because if the unix password
> does not exist at all I can still get in. Its just I have a unix
> password incase the network is down....
>
> Any ideas
>
> oh and is there a way to keep them all in sync nice and simply. I only
> need the unix password for times when my network breaks which while
> this does not happen very often it does happen from time to time....
>
> Might have to think about doing a meet on pam.....
>
> Peter
>

Got it I think: Badly set password.

Now for a method to keep them all in sync.... Which I'm not thinking
is possible.

Peter



More information about the Kent mailing list