[sudo-workers] ldap and password
Aaron Spangler
as at insight.rr.com
Wed Aug 25 22:34:44 EDT 2004
I propose we also consider options B and C.
Option B:
I suspect this always works on Linux. Can anyone confirm otherwise?
# cp -p /etc/pam.d/ssh /etc/pam.d/sudo
Option C:
When /etc/pam.d/sudo does not exist, pam will default to
/etc/pam.d/other. On many distros, /etc/pam.d/other works fine, but on
a few paranoid distros, /etc/pam.d/other is coded to disallow all. What
I am saying is that we might even be so bold to change the build message
to be 'will' to 'might'. On all our production (RedHat) Linux 7.2 -
AS3.0, Solaris 2.6 - 8, HP-UX 11.X , and AIX 5.2 systems, we never
create a special section for sudo and pam just falls back to 'other' and
it has always just worked for us.
Thoughts? Comments?
-Aaron
Todd C. Miller wrote:
>
>I was hoping to have a sample that would work with most Linux PAM
>installations but that doesn't appear to be possible. Oh well.
>
> - todd
>____________________________________________________________
>sudo-workers mailing list <sudo-workers at sudo.ws>
>For list information, options, or to unsubscribe, visit:
>http://www.sudo.ws/mailman/listinfo/sudo-workers
>
>
More information about the sudo-workers
mailing list