[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

rexec solution found

From: Reid van Melle <reid sask trlabs ca>
To: axp-list redhat com
Subject: rexec solution found
Date: Sun, 1 Nov 1998 14:47:50 -0600 (CST)

	I consulted with some PAM people and the solution seems to be:

> I've made a brief look on pam_securetty module and found
> that it returns PAM_SERVICE_ERR if it fails to determine the controlling
> terminal.  As far as I remember rexec doesn't establish a preudoterminal
> for the executed commands so pam_securetty should always fail for rexec.
>
> I suggest to just remove the pam_securetty reference from the
> configuration file.

a working /etc/pam.d/rexec is then:
**********
#%PAM-1.0
auth       required     /lib/security/pam_pwdb.so debug shadow nullok
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_pwdb.so
**********

	I guess this should be the default for rexec in the RedHat
distribution of pam.  It works great for me now.  Should this be something
that goes into the RedHat general errata?

				Reid van Melle

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []