I run a small internet service provider and have just started to use the
Cryptocard Pam Radius Authentication module. I have got the basic
authentication work but have a few loose ends to tidy up.
The recommended Pam config for a service using Pam Radius Authentication is
#auth
auth required /lib/security/pam_securetty.so
auth sufficient /lib/security/pam_radius_auth.so
auth required /lib/security/pam_unix_auth.so
The problem is that the pam_securetty.so module always fails. Reading the docs
indicates that some files in /etc/security need to be setup, but I dont know
where to start. It would be real handy if I could get pam_securetty to tell me
why it is failing. Is this possible?
I'm using the Pam Radius Authentication with the GNU_POP3D 0.97 server. The
PAM authentication section of this pop server contains the following code. The
pam_authenticate call works ok but the pam_acct_mgmt and pam_setcred calls
fail. Pam_authenticate is authenticating correctly off of the radius server.
If anyone has any ideas on how to sort this out I like to hear them.
Regards. Paul
#else /* HAVE_SECURITY_PAM_APPL_H */
_user = (char *) arg;
_pwd = pass;
/* libpam doesn't log to LOG_MAIL */
closelog ();
pamerror = pam_start ("pop", arg, &PAM_conversation, &pamh);
PAM_ERROR;
pamerror = pam_authenticate (pamh, 0);
username = strdup (arg);
syslog (LOG_INFO, "Pam trying to authenticate %s", username);
PAM_ERROR;
/* pamerror = pam_acct_mgmt (pamh, 0);
PAM_ERROR;
syslog (LOG_INFO, "Pam acct mgmt ok");
pamerror = pam_setcred (pamh, PAM_ESTABLISH_CRED);
PAM_ERROR;
syslog (LOG_INFO, "Pam set cred ok");
*/
pam_end (pamh, PAM_SUCCESS);
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
