search for: pam_cap

...user. This is loaded by the SGI pam_mac module into the PAM envinronment variable "MAC". I'm assuming this should happen sometime around permanently_set_uid in uidswap.c. 2) Change the capabilities of the process to the capabilities requested by the user. This is loaded by the SGI pam_cap module into the PAM encironment variable "CAP". I'm also assuming this should happen sometime around permanently_set_uid in uidswap.c. 3) Ignore the sanity checks at the end of permanently_set_uid that ensures the user cannot change back to the prior uid. If they request, and are...

Hi, since some weeks i have a strange bug / problem at our gentoo linux clients sometimes the user is unable to unlock the xscreensaver via pam / winbindd if i restart the winbindd, the unlock works. winbindd log https://pastebin.com/qVzenH47 it makes no diffrence witch of our ad/dcs respond to the client. net ads info LDAP server name: 1 or 2 or 3 (our rodc) around 40 days ago

...the user. This is loaded by the SGI pam_mac module into the PAM envinronment variable "MAC". I'm assuming this should happen sometime around permanently_set_uid in uidswap.c. 2) Change the capabilities of the process to the capabilities requested by the user. This is loaded by the SGI pam_cap module into the PAM encironment variable "CAP". I'm also assuming this should happen sometime around permanently_set_uid in uidswap.c. 3) Ignore the sanity checks at the end of permanently_set_uid that ensures the user cannot change back to the prior uid. If they request, and are gran...

...3 default=ignore] pam_unix.so nullok_secure try_first_pass auth [success=2 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass auth [success=1 default=ignore] pam_ldap.so use_first_pass auth requisite pam_deny.so auth required pam_permit.so auth optional pam_cap.so -- With kind regards Nico De Ranter Senior System Administrator Techsoft Centre Technology and Software Centre Europe The Corporate Village - Da Vincilaan 7-D1 - B-1935 Zaventem - Belgium Phone: +32 (0)2 700 8641 Fax: +32 (0)2 700 8622 E-mail: nico.deranter at eu.sony.co...

...# cat /etc/pam.d/common-auth | egrep -v "^#"* *auth [success=2 default=ignore] pam_unix.so nullok_secure* *auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass* *auth requisite pam_deny.so* *auth required pam_permit.so* *auth optional pam_cap.so * Thank you for any help & hints in advance. Kind Regards Martin

...lt=ignore] pam_unix.so nullok_secure auth [success=1 default=ignore] pam_winbind.so require_membership_of=S-1-5-21-5555555-5555555-5555555-5555 krb5_auth krb5_ccache_type=FILE cached_login use_first_pass auth requisite pam_deny.so auth required pam_permit.so auth optional pam_mount.so auth optional pam_cap.so ________________________________ Common-Password: Code: ________________________________ password [success=2 default=ignore] pam_unix.so obscure sha512 password [success=1 default=ignore] pam_winbind.so password requisite pam_deny.so password required pam_permit.so password optional pam_gnome_k...

...ep -v "^#"* > > *auth [success=2 default=ignore] pam_unix.so nullok_secure* > *auth [success=1 default=ignore] pam_winbind.so krb5_auth > krb5_ccache_type=FILE cached_login try_first_pass* > *auth requisite pam_deny.so* > *auth required pam_permit.so* > *auth optional pam_cap.so * > > Thank you for any help & hints in advance. > > Kind Regards > > Martin > > >

...mem REG 252,2 10272 12060638 /lib/x86_64-linux-gnu/security/pam_nologin.so sshd 32212 abc mem REG 252,2 18952 11931054 /lib/x86_64-linux-gnu/libcap.so.2.24 sshd 32212 abc mem REG 252,2 10376 12060669 /lib/x86_64-linux-gnu/security/pam_cap.so sshd 32212 abc mem REG 252,2 6112 12060634 /lib/x86_64-linux-gnu/security/pam_permit.so sshd 32212 abc mem REG 252,2 6024 12060632 /lib/x86_64-linux-gnu/security/pam_deny.so sshd 32212 abc mem REG 252,2 60288 12060663 /lib...

Dear list members, I am running a small active directory domain for my home network. Everything is working as expected, except for the authentication of active directory users on my machines running debian wheezy. Here is my setup: 1) Active Directory Domain Controller is running on a raspberrypi (raspbian) with samba compiled from source (v4-1-stable from git repository) 2) WIndows 7 machines

...t=ignore]                pam_ccreds.so minimum_uid=1000 action=update auth    requisite                       pam_deny.so auth    required                        pam_permit.so auth    optional                        pam_ccreds.so minimum_uid=1000 action=store auth    optional                        pam_cap.so common-account account [success=2 new_authtok_reqd=done default=ignore]        pam_unix.so account [success=1 new_authtok_reqd=done default=ignore]        pam_winbind.so account requisite                       pam_deny.so account required                        pam_permit.so account required   ...

...ternal [/home/foxx] > uname -a Linux courtney.internal 2.6.32-5-amd64 #1 SMP Wed May 18 23:13:22 UTC 2011 x86_64 GNU/Linux After another long 3 minute wait, I test for the oom bug... and guess what.. it's STILL NOT DOING IT!!! :( So now I check for differences in the /etc/pam.d... I notice pam_cap.so is missing in common-auth on the broken server: root at courtney.internal [/etc/pam.d] > dpkg -l | grep cap ii libcap2 1:2.19-3 support for getting/setting POSIX.1e capabilities ii libcap2-bin 1:2.19-3...