I am using redhat 7.2 and am looking into my PAM setup. it seems like redhat have linked common procedures together into one file system-auth.
The auth section looks like this auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth sufficient /lib/security/pam_ldap.so use_first_pass auth required /lib/security/pam_deny.so I have been reading the PAM admin manual and it seems to state for the auth section for pam_deny.so, that the bottom line should disallow all authentications because it is a required item and it returns an error? What am I missing? These are the lines from /etc/pam.d/sshd auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so Or is the catch in the fact that PAM doesn't ask pam_deny to return AUTH creds because it has them from the previous modules ? Thanxs Alex -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
