search for: use_uid

...-G wheel umarzuki *Yes, I can use/setup sudo but I do this just for learning purpose My /etc/pam.d/su as below auth sufficient pam_rootok.so # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. auth required pam_wheel.so use_uid auth include system-auth account sufficient pam_succeed_if.so uid = 0 use_uid quiet account include system-auth...

...PAM, so I've modifed /etc/pam.d/su and /etc/pam.d/login to use pam_limits.so: # cat /etc/pam.d/su #%PAM-1.0 auth sufficient pam_rootok.so # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. #auth required pam_wheel.so use_uid auth include system-auth account sufficient pam_succeed_if.so uid = 0 use_uid quiet account include system-auth...

...nullok shadow try_first_pass password required pam_sss.so use_authtok session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session sufficient pam_sss.so session required pam_unix.so try_first_pass session optional pam_umask.so session optional pam_gnome_keyring.so auto_start only_if=gdm,gdm-password,lxdm,lightdm With kind regards, ulrich

....so use_authtok > password required pam_deny.so > > session optional pam_keyinit.so revoke > session required pam_limits.so > -session optional pam_systemd.so > session [success=1 default=ignore] pam_succeed_if.so service in > crond quiet use_uid > session required pam_unix.so > session optional pam_sss.so > > My /etc/pam.d/password-auth: > #%PAM-1.0 > # This file is auto-generated. > # User changes will be destroyed the next time authconfig is run. > auth required pam_env.so > auth...

On 05/09/2015 01:24 PM, Jonathan Billings wrote: > Is it normal to have pam_unix and pam_sss twice for each each section? No. See my previous message. I think it's the result of copying portions of SuSE configurations.

...st_pass retry=3 type= password sufficient pam_unix.so sha512 shadow nullok use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so ###################password-auth######### auth required pam_tally2.so deny=3 unlock_time=1800 auth required pam_env.so auth sufficient pam_unix.so auth requisite pam_succeed_if.so uid >= 500 quiet auth requir...

...ient /lib/security/pam_rootok.so auth sufficient /lib/security/pam_winbind.so auth sufficient /lib/security/pam_unix.so use_first_pass # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient /lib/security/pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. #auth required /lib/security/pam_wheel.so use_uid #auth required /lib/security/pam_smb_auth.so #auth required /lib/security/pam_stack.so service=system-auth account required /l...

...ly upgraded to openssh 6.6 version and I am finding public authentication doesn't seem to work. I see the openssh application exits with the error, fatal: key_free: bad key type 1515870810 After I created one more user, it throws the below error and exits. fatal: restore_uid: temporarily use_uid not effective I was able to successfully authenticate using 5.x openssh version. Kindly let me know, if this is a problem with 6.6 version? Regards Opensshuser

...5_password {get,verify}_init_creds stuff). Thanks for these. Unfortunately, your vrs patches seem to be based on an earlier version of my patch than the one you're bundling. In particular, your patch adds back in the incorrect replay cache code (it uses the wrong cache name), and takes out the use_uid calls that are necessary to make verify_init_creds() work correctly. It also adds back in the xfree() calls in auth1.c that I removed - these have to be removed to make it work reliably. Finally there are a couple of patches to the rijandel code that don't seem related? I am right in thinking...

...rootok.so > auth sufficient /lib/security/pam_winbind.so > auth sufficient /lib/security/pam_unix.so use_first_pass > # Uncomment the following line to implicitly trust users in the "wheel" > group. > #auth sufficient /lib/security/pam_wheel.so trust use_uid > # Uncomment the following line to require a user to be in the "wheel" group. > #auth required /lib/security/pam_wheel.so use_uid > #auth required /lib/security/pam_smb_auth.so > #auth required /lib/security/pam_stack.so service=system-auth > a...

...nix.so sha512 shadow nullok try_first_pass password sufficient pam_ldap.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session optional pam_ldap.so session required pam_mkhomedir.so skel=/etc/skel umask=0022 session required pam_unix.so Now passwd works, but not really: [Guilherme at server ~]$ passwd Changing password for user Guilherme. Enter login(LDAP) password: New password: Retype...

...password sufficient pam_krb5.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session optional pam_mkhomedir.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_krb5.so session optional pam_mount.so If pam_mount.so is listed in the session definition I will be asked for the password a second time during SSH login: At this stage the share is already mounted. I can just remove th...

...k password sufficient pam_sss.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_sss.so My /etc/pam.d/password-auth: #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so nullok try_f...

....so use_authtok > password required pam_deny.so > > session optional pam_keyinit.so revoke > session required pam_limits.so > -session optional pam_systemd.so > session [success=1 default=ignore] pam_succeed_if.so service in > crond quiet use_uid > session required pam_unix.so > session optional pam_sss.so > > My /etc/pam.d/password-auth: > #%PAM-1.0 > # This file is auto-generated. > # User changes will be destroyed the next time authconfig is run. > auth required pam_env.so > auth...

...d pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session optional pam_mkhomedir.so skel=/etc/skel/ umask=0077 session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_winbind.so -------------------------------------------------------------- system-auth-ac #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_en...

...rd sufficient pam_ldap.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session optional pam_mkhomedir.so session [success=1 default=ignore] pam_succeed_if.so debug service in crond quiet use_uid session required pam_unix.so session optional pam_ldap.so I have added + : jboss : cron to /etc/security/access.conf which fixes the problem. However I am not sure that it is the "correct" fix. I would have thought that the string in /etc/ldap.conf nss_initgroups_i...

...sufficient pam_ldap.so use_authtok >> password required pam_deny.so >> >> session optional pam_keyinit.so revoke >> session required pam_limits.so >> session [success=1 default=ignore] pam_succeed_if.so service in crond >> quiet use_uid >> session optional pam_ldap.so >> session required pam_mkhomedir.so skel=/etc/skel umask=0022 >> session required pam_unix.so >> >> Now passwd works, but not really: >> [Guilherme at server ~]$ passwd >> Changing password for use...

maybe it'll work when f27 comes out in a few days I'll wait for it. On Mon, Oct 30, 2017 at 3:05 PM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > for this machine it was unimportant. I will just use local accounts to > login it is only one user > I did remove sssd and went back to my original smb.conf but it still shows > > [root at squints ~]# getent passwd

...=3 password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so

...dow nullok try_first_pass use_authtok password sufficient pam_winbind.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 Thanks for any help. Jiri