On Wed, Nov 15, 2000 at 11:47:00AM -0600, Jason L Tibbitts III wrote:
> In order to maintain security while still allowing users to use FTP to get
> to their files, I set up a system where users get different passwords which
> they use for FTP. Using PAM, this was pretty easy, I just used
>
> auth required /lib/security/pam_userdb.so db=/etc/ftp/users
>
> And made a little Perl script to maintain the /etc/ftp/users database.
>
> Then I upgraded to RedHat 7, which broke pam_userdb (it was linked
> improperly against the DB library). The Rawhide RPM fixes the problem by
> linking against libdb.so.2. But the 6.2 pam_userdb was linked against
> libdb.so.3, and I can't make the new version read databases that were
> usable by the old version.
Ick. The DB situation is messy. The PAM package coming into Raw Hide
is once again built against DB 3.1, and there's a very good chance that
we'll push it out as a bugfix. Until the next Raw Hide refresh, the
candidate is at http://people.redhat.com/nalin/test/.
The short list of steps to make it work:
* Use "db2_dump users.db" to dump the DB 2 database file to a text file.
* Move the users.db file out of the way.
* Use "db_load -T -t hash -f users.txt users.db" to create a DB 3.1 database.
* Make sure that the db file name ends in ".db" and the path passed to the
pam_userdb module does *not* include the ".db". The DB library automatically
appends the ".db" to filenames which get passed in, so you have to work
around this (the goal being that the text file doesn't get nuked when the
dump file is named "users" and the corresponding DB file is named "users.db").
Cheers,
Nalin
_______________________________________________
Redhat-devel-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-devel-list
