On Thu, 2012-11-29 at 20:55 -0500, 小龙 陈 wrote:
> And PAM is working! Excellent! > I've just finished a helper for setting up NSS and PAM for sssd. It > basically does the following: > > 1. Looks for 'passwd', 'shadow', 'group', 'services', 'netgroup', and > 'automount' > in /etc/nsswitch.conf and adds 'sss' to it. SSSD does not provide a shadow map so you shouldn't ad sss to shadow. It will do no harm though, it will just be a noop. > 2. Looks for pam_unix.so in every file in /etc/pam.d/, changes > 'required' > to 'sufficient', and adds an 'include' line for 'sss' right below > itq. /etc/pam.d/sss > contains the pam_sss.so lines. > > So far, I've tested sudo and su, and both are working :) > > Here's a link to the script: > https://github.com/chenxiaolong/ArchLinux-Packages/blob/master/freeipa/sss-auth-setup.py > > If someone is bored, I'd appreciate it if he/she would take a look at > it > for glaring issues. Cool stuff, I do not know Arch Linux default PAm stack configuration so I can;t tell with certainty that the replace you make is perfect, but I do not see anything stunningly bad. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users