> But when I remove the token and for eksample try to login as su It asks
> for pin, wouldnt it be better if the card/read is removed/disconnected
> if it said insert token/card or something like that? Now it prompts for
> pin no matter what but ends in a seg fault if i press enter or enter a pin.
Found it! Apply this patch to muscleframework-1.1.5/MusclePAM/pam_smartcard.c
diff -Bbu pam_smartcard.c.orig pam_smartcard.c
--- pam_smartcard.c.orig 2004-10-27 09:50:04.000000000 -0400
+++ pam_smartcard.c 2004-10-27 12:01:45.000000000 -0400
@@ -360,7 +360,7 @@
return PAM_AUTHINFO_UNAVAIL;
*/
- result = PAM_AUTH_ERR;
+ return PAM_AUTH_ERR;
}
You can now use "su" to work with smartcards alone, or fall back to passwords,
depending on the configuraiton of /etc/pam.d/su
That is, if pam_musclecard.so is "sufficient", then you don't need to try the next
line - i.e. a password. Just use:
auth sufficient /lib/security/pam_musclecard.so service=system-auth
auth required /lib/security/$ISA/pam_stack.so service=system-auth
_______________________________________________
Muscle mailing list
[EMAIL PROTECTED]
http://lists.drizzle.com/mailman/listinfo/muscle
