I'm working with Tivoli Identity Manager (TIM) to try and set it up. We've determined that the product does not do an interactive session using its SSH adapter (aka POSIX adapter). We need to find a way to cause the session to use the interactive session initialization (the stuff from /etc/profile and so on).
The TIM product appears to be issuing a ssh to a remote system, authenticating to the box, issuing a sh, and running commands. We are told by the team that manages TIM that we do not have control over how TIM operates post login. Since the user environment is not utilized, but TIM relies on that environment, the product is failing to operate correctly. User .profiles are ignored, /etc/profile is ignored, etc. We've considered the sshd_config PermitUserEnvironment setting, but that would open up too nasty a security hole since I can't lock it to a single user. Does anyone have any suggestions on how to address this problem? ---- "The speed of communications is wondrous to behold. It is also true that speed can multiply the distribution of information that we know to be untrue." Edward R Murrow (1964) Mark McCullough [email protected] _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
