Summary: | sys-auth/pambase[kerberos] error condition when pam_krb5 succeed | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Simon Alman <haven> |
Component: | [OLD] Core system | Assignee: | PAM Gentoo Team (OBSOLETE) <pam-bugs+disabled> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Simon Alman
2010-08-19 08:35:51 UTC
Your account chain is not valid to actually be used as default as it'll be IGNORING anything else beside Kerberos if it's not in chain. Can I ask you to test a different situation? account [success=1 default=ignore] pam_krb5.so ignore_root try_first_pass account required pam_unix.so account optional pam_permit.so I can confirm that the change below works when applied to the default system-auth file. Tested against vsftp and sshd.
Regards
Simon
> Can I ask you to test a different situation?
>
> account [success=1 default=ignore] pam_krb5.so ignore_root try_first_pass
> account required pam_unix.so
> account optional pam_permit.so
Give me time to get lunch and I'll release a fixed pambase. Fixed in pambase-20100819, thanks! |