[sudo-users] sudo + openldap + freebsd 7
François Mehault
Francois.Mehault at netplus.fr
Fri May 29 09:14:24 EDT 2009
Well I am curious in fact, this my sudo but could you confirm me that it is correct (no unuseful information for example)
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
#auth optional /usr/lib/pam_echo.so test
auth sufficient pam_unix.so no_warn try_first_pass
auth optional /usr/lib/pam_echo.so openldap alive ??? wrong local passwd ???
auth required /usr/local/lib/pam_ldap.so no_warn try_first_pass
#auth sufficient /usr/lib/pam_radius.so no_warn
# account
account required /usr/local/lib/pam_ldap.so ignore_unknown_user ignore_authinfo_unavail
account required pam_nologin.so
#account required pam_krb5.so
account required pam_login_access.so
account required pam_unix.so
# session
session required pam_permit.so
# password
#password sufficient pam_krb5.so no_warn try_first_pass
password required pam_unix.so no_warn try_first_pass
I think there is lot of lines which are unuseful.
-----Message d'origine-----
De : sudo-users-bounces at courtesan.com [mailto:sudo-users-bounces at courtesan.com] De la part de Jordi Espasa Clofent
Envoyé : vendredi 29 mai 2009 10:41
À : sudo-users at sudo.ws
Objet : Re: [sudo-users] sudo + openldap + freebsd 7
I have a similiar environment and works like a charm.
I suspect a PAM error. Can you show a simple 'cat /etc/pam.d/sudo' output?
--
Thanks,
Jordi Espasa Clofent
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users
More information about the sudo-users
mailing list