I agree that cached shadow would enable pam_unix to operate correctly. As far as I'm aware, nss_updatedb does not support local caching of shadow, only passwd and group, and the db option can't be used on the shadow entry (only files and ldap) in nsswitch.conf. I presume that's because of security implications?
The absence of cached shadow would rule out using pam_unix at this stage. It looks like your preferred option is to add "account" method support to pam_ccreds, and the presumably amend pam-auth-update to include that in the module processing. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/799605 Title: pam-auth-update creates a 'common-account' that fails with cached logins To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libpam-ccreds/+bug/799605/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
