problem with pam.deny.so
Hallo,
I've been struggling with hardening my pam.d stacks lately. Upon
replacing pam.unix.so by a stack containing account.so, auth.so,
session.so, warn.so and deny.so, the login shell starts returning
messages like 'user account expired', even for my root account. I've
been fiddling with /etc/shadow (e.g. made new test users with adduser);
studied the manuals of course, but so far the problem remains manifest.
So, what's the matter here? Is pam.deny.so broken or am I missing
something? Anybody got a clue?
I'm running Debian testing on a 2.6.1 kernel
Thanks.
Reply to: