On Thu, 2012-11-29 at 20:55 -0500, 小龙 陈 wrote:
> And PAM is working!
> I've just finished a helper for setting up NSS and PAM for sssd. It
> basically does the following:
> 1. Looks for 'passwd', 'shadow', 'group', 'services', 'netgroup', and
> in /etc/nsswitch.conf and adds 'sss' to it.
SSSD does not provide a shadow map so you shouldn't ad sss to shadow. It
will do no harm though, it will just be a noop.
> 2. Looks for pam_unix.so in every file in /etc/pam.d/, changes
> to 'sufficient', and adds an 'include' line for 'sss' right below
> itq. /etc/pam.d/sss
> contains the pam_sss.so lines.
> So far, I've tested sudo and su, and both are working :)
> Here's a link to the script:
> If someone is bored, I'd appreciate it if he/she would take a look at
> for glaring issues.
Cool stuff, I do not know Arch Linux default PAm stack configuration so
I can;t tell with certainty that the replace you make is perfect, but I
do not see anything stunningly bad.
Simo Sorce * Red Hat, Inc * New York
Freeipa-users mailing list