> Date: Thu, 29 Nov 2012 20:30:01 +0100
> From: jhro...@redhat.com
> To: firstname.lastname@example.org
> Subject: Re: [Freeipa-users] FreeIPA manual PAM setup help
> On Thu, Nov 29, 2012 at 01:56:24PM -0500, 小龙 陈 wrote:
> > I didn't know that ipa-server is now working in Ubuntu. That's really great
> > news!
> > Best regards,
> > Xiao-Long Chen
> I could be wrong, but I don't think the IPA server is working in
> Ubuntu..I know the client bits are and there was an effort to package
> the server as well, but I don't think it's finished yet.
> Timo would know better, though..
> Freeipa-users mailing list
And PAM is working!
I've just finished a helper for setting up NSS and PAM for sssd. It
basically does the following:
1. Looks for 'passwd', 'shadow', 'group', 'services', 'netgroup', and
in /etc/nsswitch.conf and adds 'sss' to it.
2. Looks for pam_unix.so in every file in /etc/pam.d/, changes 'required'
to 'sufficient', and adds an 'include' line for 'sss' right below itq.
contains the pam_sss.so lines.
So far, I've tested sudo and su, and both are working :)
Here's a link to the script:
If someone is bored, I'd appreciate it if he/she would take a look at it
for glaring issues.
Freeipa-users mailing list