Greetings Kamil,
> Sent: Sunday, July 21, 2024 at 7:55 AM
> From: "Kamil Jońca"
> To: debian-user@lists.debian.org
> Subject: Re: pam and pam-cap don't play along
>
> daggs writes:
>
> > Greetings,
> >
> > I have bookworm installatio
Greetings George,
>Sent: Sunday, July 21, 2024 at 4:00 AM
>From: "George at Clug"
>To: debian-user@lists.debian.org
>Subject: Re: pam and pam-cap don't play along
>On Sunday, 21-07-2024 at 07:57 daggs wrote:
>> Greetings,
>>
>> I have bookwo
daggs writes:
> Greetings,
>
> I have bookworm installation where I want to allow a group of users to run a
> specific binary that needs to execute a ioctl which is not possible for
> normal users.
> in comes pam+libcap.
> so I've installed libcap, updated /etc/sec
On Sunday, 21-07-2024 at 07:57 daggs wrote:
> Greetings,
>
> I have bookworm installation where I want to allow a group of users
to run a specific binary that needs to execute a ioctl which is not
possible for normal users.
> in comes pam+libcap.
> so I've installed libcap, u
Greetings,
I have bookworm installation where I want to allow a group of users to run a
specific binary that needs to execute a ioctl which is not possible for normal
users.
in comes pam+libcap.
so I've installed libcap, updated /etc/security/capability.conf with this line:
cap_net_
On 4/10/23 11:12, Kushal Kumaran wrote:
Perhaps set AuthenticationMethods to publickey,keyboard-interactive in
sshd_config? Do read the full description of that parameter in the
manpage for other things that might interest you.
I finally managed to get my desired public key and google authen
On Wed, Oct 04 2023 at 10:08:14 AM, jeremy ardley
wrote:
> I have set up a server with sshd allowing public key access. I also
> set up google authenticator in pam by putting this line at the head of
> /etc/pam.d/sshd
>
> auth required pam_google_authenticator.so
>
> If I
I have set up a server with sshd allowing public key access. I also set
up google authenticator in pam by putting this line at the head of
/etc/pam.d/sshd
auth required pam_google_authenticator.so
If I connect to the server without a public key I get the authenticator
prompt and then
go to libpam-ldapd and libnss-ldapd with nslcd.
See how one can restrict the access group-wise with nslcd:
https://wiki.debian.org/LDAP/PAM#Allowing_logins_on_a_per-group_basis
tty sure this was set up quite some time ago here, but the colleagues who
> I collaborated with to do it are no longer working with me, and I can't for
> the life of me remember how exactly it was done...
>
I don't use pam-ldap any longer (I switched to sssd a few years ago).
Bu
Hi again everyone,
Having gotten an excellent (and quite simple) response to my query about
automatic homedir creation upon ssh login, i'm going to push my luck (expecting
@ any moment to receive responses with RTFM or somethings close to that
sentiment in them).
Our goal is to allow not just
On Sun, 14 Nov 2021 17:57:53 +
André Rodier wrote:
> Hello all,
>
> I have been able to configure pam on Linux, to add two factors
> authentication for session, sudo, etc...
>
> First, I tried Google authenticator and a code from my phone, and it is
> working like
gt;
> >>> I can use various second factors authentications on Debian:
> >>>
> >>> - google authenticator
> >>> - u2f key
> >>> - yubikey
> >>>
> >>> I would like to configure pam sessions to have 1) password
> &g
Kamil Jońca writes:
> 2. and probably use substack
> (http://linux-pam.org/Linux-PAM-html/sag-configuration-file.html) but,
> honestly I did tested it.
> KJ
Should be "I did NOT tested it" :( Sorry.
KJ
--
http://stopstopnop.pl/stop_stopnop.pl_o_nas.html
On Sat, 13 Nov 2021 19:13:27 +0100
Kamil Jońca wrote:
> André Rodier writes:
>
> > Hello all,
> >
> > I can use various second factors authentications on Debian:
> >
> > - google authenticator
> > - u2f key
> > - yubikey
> >
> >
I understand you correctly you should:
1. verify if there are pam modules (at least for u2f and yubico answer
is "yes")
2. and probably use substack
(http://linux-pam.org/Linux-PAM-html/sag-configuration-file.html) but,
honestly I did tested it.
KJ
>
> Thanks,
>
> On 13/11/2021 1
second factors authentications on Debian:
- google authenticator
- u2f key
- yubikey
I would like to configure pam sessions to have 1) password
authentication, and then 2) one of the second factor described above.
How this can be achieved, please ?
Thanks for your answers.
André Rodier.
Well
André Rodier writes:
> Hello all,
>
> I can use various second factors authentications on Debian:
>
> - google authenticator
> - u2f key
> - yubikey
>
> I would like to configure pam sessions to have 1) password
> authentication, and then 2) one of the second factor
Hello all,
I can use various second factors authentications on Debian:
- google authenticator
- u2f key
- yubikey
I would like to configure pam sessions to have 1) password
authentication, and then 2) one of the second factor described above.
How this can be achieved, please ?
Thanks for
W dniu pią, 14.05.2021 o godzinie 16∶05 +0100, użytkownik Darac Marjal
napisał:
>
> On 14/05/2021 15:29, Marek Mosiewicz wrote:
> > Hello,
> >
> > I think of idea of having additional PAM module which passes login
> > after receiving and validating signed email (f
W dniu pią, 14.05.2021 o godzinie 10∶52 -0500, użytkownik David Wright
napisał:
> On Fri 14 May 2021 at 16:29:32 (+0200), Marek Mosiewicz wrote:
> >
> > I think of idea of having additional PAM module which passes login
> > after receiving and validating signed email (
On Fri 14 May 2021 at 16:29:32 (+0200), Marek Mosiewicz wrote:
>
> I think of idea of having additional PAM module which passes login
> after receiving and validating signed email (for some scenarios it
> could even requires emails from many persons).
That's all very vague. You
On Fri, 14 May 2021 16:29:32 +0200
Marek Mosiewicz wrote:
> Hello,
>
> I think of idea of having additional PAM module which passes login
> after receiving and validating signed email (for some scenarios it
> could even requires emails from many persons). Signing emails can be
&
On 14/05/2021 15:29, Marek Mosiewicz wrote:
> Hello,
>
> I think of idea of having additional PAM module which passes login
> after receiving and validating signed email (for some scenarios it
> could even requires emails from many persons). Signing emails can be
> done easliy
Hello,
I think of idea of having additional PAM module which passes login
after receiving and validating signed email (for some scenarios it
could even requires emails from many persons). Signing emails can be
done easliy in secure way and it could be also good for auditing.
Cheers,
Marek
t;sufficient" controls) but is the order
> important between different stacks for the same service (for example
> "account" before "auth" before "password" before "session")?
>
I think it all depends on the binary requesting linux-pam.
It may im
Hi,
I'm discovering PAM :)
I'm currently reading lots of different resources about it but I have some
questions to ask please:
1) How do we know which options can be set up in a /etc/security conf file and
which one can be specified as a module argument in the /etc/pam.d files?
F
und
authrequiredpam_permit.so
# and here are more per-package modules (the "Additional" block)
authoptionalpam_group.so
authoptional pam_cap.so
# end of pam-auth-update config
The question here is, why the application at
Hello,
auth[success=2 default=ignore] pam_p11.so
/usr/local/lib/libcvP11.so
[...]
This works nearly exactly as desired, "nearly" because though the
login with unix password works, the application shows "Login failed"
for a short time. Is there something I can change in the above fil
Hi Christoph.
Quoting Christoph Pleger (2020-02-14 13:25:24)
> I created a PAM configuration with the goal to make it possible that a
> user can either login by inserting a smartcard into a card reader and
> entering the correct PIN, or by entering the traditional UNIX
> password.
Hello,
I created a PAM configuration with the goal to make it possible that a
user can either login by inserting a smartcard into a card reader and
entering the correct PIN, or by entering the traditional UNIX password.
This is what my /etc/pam.d/common-auth looks like:
#
# /etc/pam.d
On 12/07/18 02:18, Curt wrote:
> On 2018-07-10, Richard Hector wrote:
>>
>> Hi all,
>>
>> I'm getting messages like this in auth.log:
>>
>> PAM-CGFS[xxx]: Failed to get list of controllers
>>
>
> Found this bug:
>
> https://bugs.deb
On 2018-07-10, Richard Hector wrote:
>
> Hi all,
>
> I'm getting messages like this in auth.log:
>
> PAM-CGFS[xxx]: Failed to get list of controllers
>
Found this bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843450
Apparently after updating the libpam-cgfs
Hi all,
I'm getting messages like this in auth.log:
PAM-CGFS[xxx]: Failed to get list of controllers
Web searches generally hint at a link with LXC, and this is on an LXC
host, but doesn't seem to directly relate to the containers - it shows
up when anyone logs in, starts a cron s
Darren S. wrote:
> I know that when the proper configuration is triggered that the target
> files in /etc/pam.d/ are modified, but I can't figure out how to call
> into pam-auth-update from Ansible to set the profiles. I'd rather use
> the profile and avoid troublesome manu
e the pam_duo.so
module correctly with the included profile using pam-auth-update(8). I
can execute this program manually and in the curses dialog select the
Duo PAM profile and disable the Unix authentication profile. This is
basically what this dialog looks like when the program is first run:
No luck with the french debian list, so I try here
We have some servers running Debian Jessie 8.4 amd64
We update them via a cron script and as you see it, pam-auth-update
freeze our cron update
'ps -efH' extract
root 22723 21862 3 avril03 ? 01:08:58 apt
On Tue, Nov 17, 2015 at 06:35:26PM +0100, to...@tuxteam.de wrote:
> On Wed, Nov 18, 2015 at 07:04:38AM +1300, Chris Bannister wrote:
> > On Tue, Nov 17, 2015 at 09:05:03AM -0600, David Wright wrote:
> > > Alternatively you could get cron to run a normal script and do
> > > everything in that. Just
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Nov 18, 2015 at 07:04:38AM +1300, Chris Bannister wrote:
> On Tue, Nov 17, 2015 at 09:05:03AM -0600, David Wright wrote:
> > Alternatively you could get cron to run a normal script and do
> > everything in that. Just don't be caught naming your
On Tue, Nov 17, 2015 at 09:05:03AM -0600, David Wright wrote:
> Alternatively you could get cron to run a normal script and do
> everything in that. Just don't be caught naming your script
> "script.sh" :)
Especially if it's written in Perl. :)
--
"If you're not careful, the newspapers will have
On Sat 14 Nov 2015 at 21:25:47 (-0500), Kynn Jones wrote:
> On Sat, Nov 14, 2015 at 8:36 PM, Gene Heskett wrote:
> > On Saturday 14 November 2015 17:58:59 Kynn Jones wrote:
> >
> >> I'm trying to set up a `cron` job that will send me mail for some
> >> outputs.
> >>
> >> In my `crontab` I have the
On Saturday 14 November 2015 21:25:47 Kynn Jones wrote:
> On Sat, Nov 14, 2015 at 8:36 PM, Gene Heskett
wrote:
> > On Saturday 14 November 2015 17:58:59 Kynn Jones wrote:
> >> I'm trying to set up a `cron` job that will send me mail for some
> >> outputs.
> >>
> >> In my `crontab` I have the `MA
On Sat, Nov 14, 2015 at 8:36 PM, Gene Heskett wrote:
> On Saturday 14 November 2015 17:58:59 Kynn Jones wrote:
>
>> I'm trying to set up a `cron` job that will send me mail for some
>> outputs.
>>
>> In my `crontab` I have the `MAILTO` variable set to my email address,
>> as well as the directives
> closed for user myusername
>
> A new pair of such lines gets added every minute, which coincides with
> the timing of my crontab commands. Therefore, it may be that
> `pam_unix` is blocking `cron`'s attempt to send me mail? I don't know
> how to pursue this possibilit
ow
how to pursue this possibility further. (I have never done any
PAM-related configuration in my life, so whatever configuration I have
is either what "came out of the box" when I installed Debian, or was
carried out by some program without my intervention.)
(BTW, aside from what I&#
> of threads confirming that libpam-ldap module ignores debug option:
My question was about pam_unix module also, which I expected to supply more
information when the debug option is set.
Maybe I should contact directly the maintainer of the package providing pam_unix
> http://marc.info/?l=pam-li
e too with libpam-ldap.
But it seem to work with libpam-ldapd ( tested on Jessie ).
Your question is absolutely valid, also after some googling I found a
number of threads confirming that libpam-ldap module ignores debug option:
http://marc.info/?l=pam-list&m=114166927627101
http://server
ote:
>> Hello
>>
>> I’am trying to set up pam/ldap authentication on Wheezy, and struggling for
>> many days on these topics since I knew nothing from both of them before
>> beginning (I know more know ;)
>>
>> To better understand what’s going on (I have ld
On 05/11/2015 06:18 PM, Cedric Gava wrote:
Hello
I’am trying to set up pam/ldap authentication on Wheezy, and struggling for
many days on these topics since I knew nothing from both of them before
beginning (I know more know ;)
To better understand what’s going on (I have ldap credential
No volunteer to help ?
> Hello
>
> I’am trying to set up pam/ldap authentication on Wheezy, and struggling for
> many days on these topics since I knew nothing from both of them before
> beginning (I know more know ;)
>
> To better understand what’s going on (I have ldap
Hello
I’am trying to set up pam/ldap authentication on Wheezy, and struggling for
many days on these topics since I knew nothing from both of them before
beginning (I know more know ;)
To better understand what’s going on (I have ldap credential issue), I tried to
activate debug in pam, like
: No module specific data is present
I assume the "No module specific data is present" refers to PAM modules?
Any hints on how to resolve that problem or diagnose it further?
TIA
/ralph
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of &
pam is logging every cron event into auth.log, filling it up. Can I
control pam logging?
--
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1wc
/spamassassin:
su: No module specific data is present
su: No module specific data is present
su: No module specific data is present
I couldn't find anything in my notes, but I did turn up this (in a
search engine). Is it related/helpful?
http://debian.2.n7.nabble.com/Bug-736642-schroot-PAM-err
Hi!
System: Debian 7
I have a Debian 7 system that uses libpam-ldap and libnss-ldap to
authenticate against an LDAP server. This is working very well without
messing with the PAM configuration.
Now I’m trying to restrict the access with the pam_groupdn directive in
/etc/pam_ldap.conf. But
(system accounts icinga/otrs ) and
guests, also for the smoothness migration, from our password to the radius. Old
users can still use the old password, new users take the radius one.
I've installed a local FreeRadius server in proxy mode which works.
So, my question is, can I do it
hich one?
>>
>
> Look at the "What is expected of a module" section in the pam manual.
> pam_sm_authenticate and pam_sm_setcred are both called for the auth
> chains. That said, do you need pam_sm_setcred for your purpose below?
Thanks -- this (and the manual in general!) he
Joe Pfeiffer writes:
> My question takes enough explanation that I'll just start by asking it;
> afterwards I'll explain where it arises.
>
> I'm trying to understand how PAM works, and have a question regarding
> the relationship between PAM chains as defined i
My question takes enough explanation that I'll just start by asking it;
afterwards I'll explain where it arises.
I'm trying to understand how PAM works, and have a question regarding
the relationship between PAM chains as defined in /etc/pam.d/* and
fields in struct pam_module.
W
:02
> Hostlion
> Messagetype Syslog
> FacilitySECURITY
> SeverityERR
> Syslogtag lion
> Checksum0
> Message worker: PAM unable to dlopen(/lib/security/pam_unix.so):
> /lib/libnsl.so.1: symbol __libc_clntudp_bufcreate, version
>
user name and password are
correct, and then try again"
i am getting this log in the error
uID 17378
DateToday 16:30:02
Hostlion
Messagetype Syslog
FacilitySECURITY
SeverityERR
Syslogtag lion
Checksum0
Message worker: PAM unable to d
On Sat 19 May 2012 at 15:04:28 -0600, Glenn English wrote:
>
> On May 19, 2012, at 2:35 PM, Camaleón wrote:
>
> > You can also run rkhunter to scan your system.
>
> Done. It says:
>
> > File properties checks...
> > Files checked: 128
> > Suspect files: 0
> >
> > Rootkit checks...
>
log -- but there are a lot in
> auth.log. But I may well not have Fail2ban configured correctly -- I've
> got fail2ban-apache, fail2ban-apache-overflows, fail2ban-postfix, and
> fail2ban-pam-generic running.
And nothing for Dovecot? Or maybe is that the logs are only registered f
r the Fail2ban logs to check if the attack is still in place.
There's nothing about them in the Fail2ban log -- but there are a lot in
auth.log. But I may well not have Fail2ban configured correctly -- I've
got fail2ban-apache, fail2ban-apache-overflows, fail2ban-postfix, and
fail2ban
On Sat, 19 May 2012 15:04:28 -0600, Glenn English wrote:
> On May 19, 2012, at 2:35 PM, Camaleón wrote:
>
>> You can also run rkhunter to scan your system.
>
> Done. It says:
>
> File properties checks...
> Files checked: 128
> Suspect files: 0
>
> Rootkit checks...
> Rootkits chec
from where this is coming and I don't know Dovecot (with PAm
auth) enough to completely understand what can generate a blank "rhost"
because even a connection from a local machine (or the same computer
where Dovecot is installed) I'd expect an IP printed there, either remote
On May 19, 2012, at 2:35 PM, Camaleón wrote:
> You can also run rkhunter to scan your system.
Done. It says:
> File properties checks...
> Files checked: 128
> Suspect files: 0
>
> Rootkit checks...
> Rootkits checked : 110
> Possible rootkits: 0
>
> Applications checks...
>
On May 19, 2012, at 2:35 PM, Camaleón wrote:
> Is your Dovecot publicly accesible?
Yes.
> I also get login tries in my Cyrus
> coming from the outside, they're usually from automated bots running on
> zombi windows machines... if that's the case, you can apply counter-measures
> to cut these
On Sat, 19 May 2012 14:05:41 -0600, Glenn English wrote:
> I am getting many, many entries in auth.log like these:
>
> /var/log/auth.log:May 17 13:31:14 server dovecot-auth:
> pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0
> tty=dovecot ruser=webmaster rhost=
> /var/log/
I am getting many, many entries in auth.log like these:
> /var/log/auth.log:May 17 13:31:14 server dovecot-auth:
> pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0
> tty=dovecot ruser=webmaster rhost=
> /var/log/auth.log:May 17 13:31:20 server dovecot-auth:
> pam_unix(dove
On Sun, 18 Mar 2012 21:07:46 +0300, Johannes Graumann wrote:
> Below you find my (testing stock) /etc/pam.d/common-auth & xscreensaver
> files. I have endlessly played around but this eludes me, so any help
> would be appreciated ...
> I'm trying to configure pam such
Hi,
Below you find my (testing stock) /etc/pam.d/common-auth & xscreensaver
files. I have endlessly played around but this eludes me, so any help would
be appreciated ...
I'm trying to configure pam such that normal password authentication is used
UNLESS we are unlocking xscreensaver
On Jo, 08 mar 12, 17:13:06, Stayvoid wrote:
> Hello.
>
> "Add root and the other users that should be able to su to the root
> user to this group."
> I'll be the only user of the server. Should I create a guest user for
> me? Will it be enough to have a root access?
It is considered good practice
Hello.
"Add root and the other users that should be able to su to the root
user to this group."
I'll be the only user of the server. Should I create a guest user for
me? Will it be enough to have a root access?
(The answer is pretty obvious, but I want to be sure.)
"To make sure that the user roo
utnik gnome-screensaver-dialog:
> pam_winbind(gnome-screensaver:auth): request wbcLogonUser failed:
> WBC_ERR_AUTH_ERROR, PAM error: PAM_USER_UNKNOWN (10), NTSTATUS:
> NT_STATUS_NO_SUCH_USER, Error message was: No such user
(...)
> I have no idea of what can I do to solve this.
Does
:
WBC_ERR_AUTH_ERROR, PAM error: PAM_USER_UNKNOWN (10), NTSTATUS:
NT_STATUS_NO_SUCH_USER, Error message was: No such user
Dec 25 07:49:53 sputnik gnome-screensaver-dialog:
pam_unix(gnome-screensaver:auth): authentication failure; logname=
uid=1000 euid=1000 tty=:0.0 ruser= rhost= user=joe
Dec 25 07:49
On 9 January 2011 12:15, Frank Lin PIAT wrote:
> Hello,
>
> I want to allow my remote users to submit emails through SMTP
> on port 587 (using TLS). Obviously I want to enforce authenticate
> for those mail submission (my user are stored in LDAP, with passwrd
> as plain tex
On Sunday 09 January 2011 11:15:25 Frank Lin PIAT wrote:
>
> Does anyone knows a good howto. I am especially wondering how to
> instruct EXIM to use PAM/LDAP rather than the local /etc/exim4/passwd)
It has been a long time since I did this, but my recollection
is that Exim is one
d in LDAP, with passwrd
>as plain text, so both PAM and LDAP should be possible [?]).
I've never tried to get exim to talk to LDAP at all. My exim uses PAM for
authentication, which may or may not be the best idea.
Here's how I got exim4 to talk to PAM:
0. Package: -heavy
1.
Hello,
I want to allow my remote users to submit emails through SMTP
on port 587 (using TLS). Obviously I want to enforce authenticate
for those mail submission (my user are stored in LDAP, with passwrd
as plain text, so both PAM and LDAP should be possible [?]).
Does anyone knows a good howto
Hi all,
I'm doing some pam-ldap tests using Lenny in a VBox.
I do all the pam configuration successfully, it tests fine, including login.
However, on first reboot, udev complains a lot about missing groups
(like in this bug report
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516149)
Samba BDC con LDAP PAM/NSS
Hola
He buscado pero en definitiva nada claro y es que necesito implementar un
Backup Domain Controler para Debian Lenny.
Tengo la idea para la parte de el smb.conf de Samba, pero
cómo configuro LDAP, PAM y NSS???
He estado haciendo pruebas pero no he dado con la
> The good old parental control problem. How might one control user login
> times and periods using pam (or polkit)?
>
So I put an appropriate line in /etc/security/time.conf
This had no effect.
So I placed in /etc/pam.d/kdm "session required pam_time.so"
This prevented
On 10-02-21 09:08:47, Steve Kemp wrote:
> On Sun Feb 21, 2010 at 15:46:34 +0200, David Baron wrote:
>
> > The good old parental control problem. How might one control user
> > login times and periods using pam (or polkit)?
>
> Use /etc/security/time.conf, as descr
On Sun Feb 21, 2010 at 15:46:34 +0200, David Baron wrote:
> The good old parental control problem. How might one control user login times
> and periods using pam (or polkit)?
Use /etc/security/time.conf, as described here:
http://www.debian-administration.org/a
On Sun, 2010-02-21 at 15:46 +0200, David Baron wrote:
> How might one control user login times and periods using pam (or polkit)?
Never tried by myself, but maybe this is useful:
http://www.debian-administration.org/articles/227
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.
The good old parental control problem. How might one control user login times
and periods using pam (or polkit)?
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.
On Wed, 17 Feb 2010 15:56:22 +0200, David Baron wrote:
> The good old parental control problem. How might one control user login
> times and periods using pam (or polkit)?
Take a read:
Restricting server access by time
http://www.debian-administration.org/articles/227
Although the articl
The good old parental control problem. How might one control user login times
and periods using pam (or polkit)?
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.
On Wed, Feb 10, 2010 at 04:23:22PM -0500, John A. Sullivan III wrote:
> On Thu, 2010-02-11 at 07:50 +1100, Alex Samad wrote:
> >
>
[snip]
> >
> > no nslcd is not a typo, like I said there are 2 streams/groups of
> > packages for pam integration you have th
explore Debian Lenny as
> > > > > a platform
> ...
>
> > no nslcd is not a typo, like I said there are 2 streams/groups of
> > packages for pam integration you have the !older! ones. have a look
> > at nslcd and its partner packages I have found them to more stable.
po, like I said there are 2 streams/groups of
> packages for pam integration you have the !older! ones. have a look
> at nslcd and its partner packages I have found them to more stable.
...
Not in Lenny (or Lenny-Backports). In Squeeze and Sid.
--
___
m_ldap.conf with a binddn and bindpw.
> > > >
> > > > Our LDAP queries are failing and, when we look at the access logs on our
> > > > CentOS Directory Server 8.1, we see the binddn is empty:
> > > >
> > > Hi
> > >
> > > o
On Wed, 2010-02-10 at 21:30 +0100, Predrag Gavrilovic wrote:
> I believe you shold set "rootbinddn" and "rootpw" in pam_ldap.conf.
> That's what's used when lookup is done by process with effective user
> id is 0.
Hmm . . . we intentionally don't want to do that and Ubuntu works
without it. We ac
allow anonymous LDAP queries but rather
> > > configure /etc/pam_ldap.conf with a binddn and bindpw.
> > >
> > > Our LDAP queries are failing and, when we look at the access logs on our
> > > CentOS Directory Server 8.1, we see the binddn is empty:
> > >
> >
gt; We could very likely have a missing package. This is a vserver and they
> install a very skeleton base system. For example, the system initially
> did not query at all until we realized we needed to install passwd.
> This is an X2Go print server (hopefully many desktops to come
> Our LDAP queries are failing and, when we look at the access logs on our
> > CentOS Directory Server 8.1, we see the binddn is empty:
> >
> Hi
>
> on my debian system I have a couple of packages installed to handle ldap
> userid db.
>
> pam handles one side of
stem I have a couple of packages installed to handle ldap
userid db.
pam handles one side of it but you need the nss stuff as well. There
are 2 sets of packages, the one I use (I like it better - works how I
like it to work and seems to be getting active maintenance).
nslcd and with this you will
d to install passwd.
This is an X2Go print server (hopefully many desktops to come
immediately after!) so we have installed:
apt-get install locales less joe cups-x2go openssh-client cups
foomatic-db-gutenprint gutenprint-locales openprinting-ppds
cups-driver-gutenprint cups-pdf foomatic-db foomatic
My thinkfinger library is still working on the console, but both gdm
and kdm stopped using it in the past few weeks.
I was hoping that it was a temporary problem that would be fixed in
the next update (I amusing testing) but that fix did not happened.
Any idea how to fix it?
Regards
Johann
--
J
1 - 100 of 604 matches
Mail list logo
