* Andreas Schuldei ([EMAIL PROTECTED]) [040417 02:33]: > my configuration changes are attached. > > some files seem to be modified by cfengine allready. this might > make things easier.
> auth sufficient pam_unix.so > auth required pam_ldap.so use_first_pass > account sufficient pam_unix.so > account required pam_ldap.so > session required pam_unix.so > password required pam_unix.so nullok obscure min=4 max=8 md5 > diff -urbB etc/webmin/miniserv.conf /etc/webmin/miniserv.conf > --- etc/webmin/miniserv.conf Wed Apr 9 05:43:40 2003 > +++ /etc/webmin/miniserv.conf Fri Apr 16 23:19:21 2004 > @@ -16,10 +16,12 @@ > keyfile=/etc/webmin/miniserv.pem > blockhost_time=300 > no_pam=0 > +pam=webmin > +unixauth=pam > passdelay=1 > session=1 > blockhost_failures=3 > diff -urbB etc/webmin/webmin.acl /etc/webmin/webmin.acl two files are created/modified in webmins postinstall: miniserv.users is created from scratch with the root password hash and can be replaced entirely with the miniserv.users file attached. in this file and the webmin.acl file more users with different rolles (tachers, students, admins, jradmins) can be added. the list in webmin.acl is the list of modules each of the groups have access to, then. the format of the miniserv.users file is username:x:0:: the x here indicates that pam is used. in miniserv.conf there needs to be a pam=webmin entry. this points to /etc/pam.d/webmin (aka the pam file to be used) the unixauth=pam enty is only a pointer to some user using unixauthorisation (PAM in our case). it could be an other username (which should be in miniserv.users, too). i hope i forgot nothing. (c:
