search for: pam_rootok

...user>" exe="/usr/bin/su" hostname=? addr=? terminal=? res=success' Oct 26 11:01:06 <servername> kernel: type=1104 audit(1477494066.620:642432): pid=108548 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 msg='op=PAM:setcred grantors=pam_rootok acct="<user>" exe="/usr/bin/su" hostname=? addr=? terminal=? res=success' Oct 26 11:01:11 <servername> su: (to <user>) root on none Oct 26 11:01:11 <servername> su: (to <user>) root on none Oct 26 11:01:11 <servername> systemd: Started Se...

...X server. Perhaps you do not have console ownership? Please consult the The X.Org Foundation support at http://wiki.X.Org for help. Here is what I've tried: 1) chmod 777 /dev/console 2) /etc/pam.d/xserver looks like: auth sufficient pam_rootok.so auth required pam_console.so account required pam_permit.so auth required /lib/security/pam_console.so auth required /lib/security/pam_permit.so account required /lib/security/pam_permit.so -------------- next part -------------- An HTML attachme...

I had added user umarzuki to wheel group # usermod -G wheel umarzuki *Yes, I can use/setup sudo but I do this just for learning purpose My /etc/pam.d/su as below auth sufficient pam_rootok.so # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. auth required pam_wheel.so use_uid auth...

...14]: pam_access(crond:account): access denied for user `jboss' from `cron' I have the following in /etc/ldap.conf nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,tomcat,radiusd,news,mailman,nscd,jboss /etc/pam.d/crond auth sufficient pam_env.so auth required pam_rootok.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/pam.d/system-auth-ac #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authc...

...quot;/usr/bin/su" hostname=? addr=? terminal=? res=success' > Oct 26 11:01:06 <servername> kernel: type=1104 > audit(1477494066.620:642432): pid=108548 uid=0 auid=4294967295 > ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 > msg='op=PAM:setcred grantors=pam_rootok acct="<user>" exe="/usr/bin/su" > hostname=? addr=? terminal=? res=success' > > Oct 26 11:01:11 <servername> su: (to <user>) root on none > Oct 26 11:01:11 <servername> su: (to <user>) root on none > Oct 26 11:01:11 <servername...

...;/var/imapuser". all simple & good, except -- -- where's "pam_listfile.so" on OSX? % ls /usr/lib/pam/ pam_afpmount.so pam_nologin.so pam_securetty.so pam_uwtmp.so pam_deny.so pam_permit.so pam_securityserver.so pam_wheel.so pam_netinfo.so pam_rootok.so pam_unix.so do i have to grab-n-install it from somewhere? or are one of these ^ an 'equivalent' ... this _should_ be simple :-} thanks, richard

I've done everything stated in the various guidance to get a regular user to use virt-manager (graphical Virtual Machine Manager) under CentOS 5.4 with KVM. Placing the user in the kvm group and changing permissions on several files to include kvm has not worked...the user still needs to enter the root password to use the graphical VMM. I thought of pressing sudo into service for this task.

...id failed opening loginuid This seems to happen every 5 minutes. Probably caused by the cacti cron jobs running. It looks to have started after the last krb5 updates - however this could be coincidence. $ cat crond # # The PAM configuration file for the cron daemon # # auth sufficient pam_rootok.so auth required pam_env.so auth include system-auth account required pam_access.so account include system-auth #session required pam_loginuid.so session include system-auth I commended out pam_loginuid.so - as I remember reading somewhere that this was the...

...am_winbind.so * In source tree #cp nsswitch/pam_winbind.so /lib/security *chmod 755 pam_winbind.so -Enable telnet in xinetd.d, xinetd running -Added /lib/security/pam_winbind.so to /etc/pam.d/login & su [root@caribou pam.d]# more su #%PAM-1.0 auth sufficient /lib/security/pam_rootok.so auth sufficient /lib/security/pam_winbind.so auth sufficient /lib/security/pam_unix.so use_first_pass # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient /lib/security/pam_wheel.so trust use_uid # Uncomment the followi...

Hi All, I added Linux machines to my AD domain (Windows 2000 native domain) and have the following problems / questions: 1 - How can I set the shell per user? (I know how to set per computer on the smb.conf "template shell = /bin/sh", I have few users that work on the same machine and use different shells) 2 - I noticed that if you logon as root, you can do SU to each user on the

hi, first of all, thanks to all the samba team for your great work and documentation. Well done! I have followed the 'By Example' guide, everything is working fine, except one thing. As indicated on chapter 5, point 14 of Configuration of smbldap-tools, when I try: # getent passwd | grep root I have 2 results, both id 0 root:x:0:0:root:/root:/bin/bash root:x:0:512:Netbios Domain

...t now I get "could not open session" if I try to su to the user. singhh - nofile unlimited I think this is related to PAM, so I've modifed /etc/pam.d/su and /etc/pam.d/login to use pam_limits.so: # cat /etc/pam.d/su #%PAM-1.0 auth sufficient pam_rootok.so # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. #auth required pam_wheel.so use_uid auth...

...ee > #cp nsswitch/pam_winbind.so /lib/security *chmod 755 pam_winbind.so > > -Enable telnet in xinetd.d, xinetd running > > -Added /lib/security/pam_winbind.so to /etc/pam.d/login & su > [root@caribou pam.d]# more su > #%PAM-1.0 > auth sufficient /lib/security/pam_rootok.so > auth sufficient /lib/security/pam_winbind.so > auth sufficient /lib/security/pam_unix.so use_first_pass > # Uncomment the following line to implicitly trust users in the "wheel" > group. > #auth sufficient /lib/security/pam_wheel.so trust use_ui...

...guest ok = yes writable = no printable = yes # cat /etc/pam.d/system-config-samba #%PAM-1.0 auth include config-util account include config-util session include config-util # cat /etc/pam.d/config-util #%PAM-1.0 auth sufficient pam_rootok.so auth sufficient pam_timestamp.so auth include system-auth account required pam_permit.so session required pam_permit.so session optional pam_xauth.so session optional pam_timestamp.so # cat /etc/pam.d...

...ts] # pam = { # debug = false # ticket_lifetime = 36000 # renew_lifetime = 36000 # forwardable = true # krb4_convert = false # } =============================================================================== in pam:d : auth-config #%PAM-1.0 auth sufficient /lib/security/$ISA/pam_rootok.so auth required /lib/security/$ISA/pam_stack.so service=system-auth service=system-auth #auth required /lib/security/pam_securetty.so #auth required /lib/security/pam_nologin.so #auth sufficient /lib/security/pam_winbind.so #auth required /lib/security/...

Thank for your answer: But i dont know understand why is following not working: I want to restrict the ssh access for a special domain member: In my "sshd_config" i added: AllowGroups restrictaccess root With user2 im able to login via ssh! log: pam_krb5(sshd:auth): user user2 authenticated as user2 at ROOTRUDI.DE With user1 im not! log: User user1 from 192.168.0.100 not allowed

Greetings from NY! I am running SaMBa version 2.2.6 compiled from source on a RedHat 7.3 (Linux tux.#########.net 2.4.19 #1 Fri Oct 25 15:39:52 EDT 2002 i686 unknown) box. I start smbd and nmbd as I usually do. Then I start winbindd I verified that they are running. I run : smbpasswd -j DOMAIN -r Windows2kDomainController -U Administrator Password: Joined domain DOMAIN. Ok, so I'm in

Howdy list, Sorry if this is a frequently discussed topic, or an off-topic question, but I couldn't find much info about my question by performing quick searches in the archives, and my question is pretty tightly related to security... Background: =========== I have a number of FreeBSD machines. Most are 4.x, but a few are 5.x (mainly the testing/devel machines). I also have a single Red

Hey gang, I seem to be having a brain disconnect on how to get the Augeas type to manage things that have multiple values (i.e. an Augeas tree) via Puppet. If I run this in augtool: augtool> set /files/etc/ssh/sshd_config/AllowGroups/1000 sshuser augtool> save I see this in /etc/ssh/sshd_config: AllowGroups sshuser However, if I try this in an Augeas type: augeas {