[OpenAFS] Authenticating root with pam_afs...

Jason Edgecombe jedgecombe@carolina.rr.com
Wed, 17 Oct 2001 09:40:30 -0400


hi,

here is  my /etc/pam.d/system-auth

look at the first uncommented line. the parameter that you want is
"ignore_root"
"try_first_pass" is good to.

btw, when you install the openafs rpms, it tells you at the end to add
that line to your 
pam config.


# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        sufficient    /lib/security/pam_afs.so.1 try_first_pass
ignore_root
auth        sufficient    /lib/security/pam_unix.so likeauth nullok md5
shadow
auth        required      /lib/security/pam_deny.so
account     sufficient    /lib/security/pam_unix.so
account     required      /lib/security/pam_deny.so
password    required      /lib/security/pam_cracklib.so retry=3
password    sufficient    /lib/security/pam_unix.so nullok use_authtok
md5 shadow
password    required      /lib/security/pam_deny.so
session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so


Sincerely,
Jason Edgecombe

Eric Knudstrup wrote:
> 
> I just found that I cannot authenticate root via pam because
> ka_AuthenticateGeneral() will not allow root to authenticate because the
> "instance" parameter is always NULL and kicks out an error.
> What do I need to enter in this parameter to allow me to use pam with root logins?
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info