[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_group.so no tty entry



I guess I was now able to locate the issue.

It looks like the read_field function doesn't like # comment lines.

As soon as I removed any comment from the file (like below) and only have the two elementary lines, the warning message disappears:

# ######################################################################
# --- This file is under control of central configuration management ---
#
# For further informations see https:...
# ######################################################################

# the syntax of the lines is as follows:
#
#       services;ttys;users;times;groups
#

*; *; unki; Al0000-2400; adm
*; *; lefant; Al0000-2400; adm

#
# End of group.conf file
#

Andreas

Quoting Andreas Unterkircher <unki netshadow at>:

Hello,

We are using pam_group.so to dynamically add our LDAP-based
admin accounts to the "adm" group to be able to read syslog
files without sudo under Debian.

Basically it works perfectly - the only issue we have is that
the syslog is now filled up with lines like:

pam_group[11483]: /etc/security/group.conf; no tty entry #1
pam_group[29319]: couldn't get the tty name

Our /etc/security/group.conf contains two lines:
*; *; admin1; Al0000-2400; adm
*; *; admin2; Al0000-2400; adm

What I can read from the example comments a wildcard is
supported in the tty-column. But as far as I be able to read
from the source the error is generated because * is not a
vaild shell according /etc/securetty. Basically we only need
it for ssh - but tty* or pts* is not working.

What is the point in still showing up this log message on a
wildcard match?

Regards,
Andreas

_______________________________________________
Pam-list mailing list
Pam-list redhat com
https://www.redhat.com/mailman/listinfo/pam-list







[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]