Request for a sponsor and a review of: pam_abl
Tomas Mraz
tmraz at redhat.com
Wed Jul 13 12:48:54 UTC 2005
On Wed, 2005-07-13 at 14:35 +0200, Oliver Falk wrote:
> On 07/13/2005 02:23 PM, Tomas Mraz wrote:
> > On Tue, 2005-07-12 at 10:00 +0200, Oliver Falk wrote:
> >
> >>Tried this, but get the following, if I enable pam_abl in system-auth:
> >>
> >>Jul 12 09:53:24 moon sshd[1944]: PAM unable to resolve symbol:
> >>pam_sm_open_session
> >>Jul 12 09:53:24 moon sshd[1944]: PAM unable to resolve symbol:
> >>pam_sm_close_session
> >
> > You've added pam_abl to the session stage but it doesn't have this stage
> > implemented (no functionality would be there).
> >
> > It should be added only to the auth and account stages.
>
> I just did what the documentation told me to do:
> /usr/share/pam_abl-0.2.2/conf/system-auth:
>
> #%PAM-1.0
> auth required /lib/security/$ISA/pam_env.so
> auth required /lib/security/$ISA/pam_abl.so
> config=/etc/security/pam_abl.conf
> auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
> auth required /lib/security/$ISA/pam_deny.so
>
> account required /lib/security/$ISA/pam_unix.so
>
> password required /lib/security/$ISA/pam_cracklib.so retry=3 type=
> password sufficient /lib/security/$ISA/pam_unix.so nullok
> use_authtok md5 shadow
> password required /lib/security/$ISA/pam_deny.so
>
> session required /lib/security/$ISA/pam_limits.so
> session required /lib/security/$ISA/pam_abl.so
> session required /lib/security/$ISA/pam_unix.so
>
> So, you tell me, that the documentation is wrong? If so Alexander must
> change this... In the RPM at least and maybe contact the author of
> pam_abl to change this...
Yes, I think the documentation is outdated, he should contact the author
with the bug report possibly.
--
Tomas Mraz <tmraz at redhat.com>
More information about the fedora-extras-list
mailing list