Re: PAM problems
On Wed, Sep 15, 1999 at 03:25:45PM +0200, lexchive@iname.com wrote:
> I have problems with PAM apps since the last upgrade forced them onto my
> system.
>
> First: pam_env.so outputs messages about non alpha-numeric variable names in
> /etc/environment when i login. The funny things is, those variables are still
> set (maybe by another mechanism?).
>
> Then, more important: I used to have a message like `2 failures since last
> login'. I dont get it anymore, only a message about the last successful login.
> Also I get messages on the syslog about every successful login, I would like
> to get only messages about successful logins for root and failures for all
> accounts.
>
> Is there a way to have pam apps behave the way the old apps used to? I thought
> that was what pam_unix.so was supposed to do but it's even worse. I have never
> used pam before, of course I will learn how to configure it, in the meantime I
> would appreciate to get some basic functionality.
Hmm...seems like you have basic functionality, just a few nitpicks. The failure
notice on login is something I am working on (moving it from the old login to
pam_lastlog). As for the log messages, I'll take a look. AFAIK (atleast from
what others told me) environment vars are not supposed to have non alpha-numeric
characters in the var name itself, it seems that your login service (perhaps ssh
or bash) is using them anyway. You can disable the PAM's env parsing by commenting
out pam_env.so in /etc/pam.d/login (or any other service that uses it).
There are extensive docs an PAM and each of the modules in the "PAM Adminitrator's
Guide" available in the libpam-doc package (in html, ps, sgml, and text formats).
Ben
Reply to: