Re: locking utmp
On Tue, 19 Mar 2002 20:38, Steve Langasek wrote:
> > > Probably a 'session .* pam_unix.so' line in the PAM config for this
> > > module. Consensus among PAM developers is that utmp is the closest
> > > possible definition for a 'unix session', so calling the session
> > > management functions of the pam_unix functions writes to utmp.
> >
> > Session shouldn't even apply as the program in question only checks the
> > password. Maybe the auth line for pam_unix.so is doing it.
>
> Looking at the source to the Debian pam package, I seem to be
> misremembering; the only references to utmp in pam_unix are in a
> PAM_getlogin() helper function that's called to log the logged-in
> username associated with failed authentication attempts. I see that
> pam_limits also looks in utmp to count the number of open sessions the
> user has.
The following line in my pam.d/kde config is the one that matters:
auth sufficient pam_unix.so
--
If you send email to me or to a mailing list that I use which has >4 lines
of legalistic junk at the end then you are specifically authorizing me to do
whatever I wish with the message and all other messages from your domain, by
posting the message you agree that your long legalistic sig is void.
Reply to: