pam_access.so user&hostname based access problems.
Tomas Mraz
tmraz at redhat.com
Thu Apr 13 07:55:11 UTC 2006
On Thu, 2006-04-13 at 09:08 +0300, Sysadmin wrote:
> Tere.
> >
> > IMHO this translates to:
> >
> > +:group1:ALL
> > +:group2:172.0.0.
> > -:ALL:ALL
> >
> >
> Thank You, almost, but network path didn't work, so now I use:
>
> +:group1:ALL
> +:group2:172. 192.
> -:ALL:ALL
>
>
> Btw, I found some old post about different access.conf patch -
> http://groups.google.com/group/linux.redhat.pam/browse_frm/thread/7ed3a429d9fb6b6c/f1ee1e4afb48ee26?lnk=st&q=pam_access.so&rnum=7#f1ee1e4afb48ee26
>
> I create this simple patch for *pam_access; so* you can specify a diferent
> access.conf file for every service (Or the default
> /etc/security/access.conf, if not specified). For ex:
>
> /etc/pam.d/sshd
> #specify accessfile
> account required /lib/security/*pam_access.so*
> accessfile=/etc/security/access.sshd.conf
>
> /etc/pam.d/login
> #default accessfile
> account required /lib/security/*pam_access.so*
>
> This patch isn't anymore available and seems latest pam doesn't include
> it, so the question is how to use different rules for different daemon?
The accessfile= option is supported by latest PAM.
account required pam_access.so accessfile=/etc/security/access.sshd.conf
--
Tomas Mraz <tmraz at redhat.com>
More information about the Pam-list
mailing list