[OpenAFS] how to integrate auth with Linux system
Charles Clancy
security@xauth.net
Wed, 6 Feb 2002 23:22:08 -0600 (CST)
>>>>> Now I am using NIS auth, and how to just use one command to change
>>>>> two passwords(NIS and AFS)?
>>>>
>>>> You don't want to have NIS passwords. Set your NIS passwords to
>>>> "*NP*",
>
> Thank You,
> and how to? (I am a beginner )
First, kill all your NIS passwords:
cat /var/nis/domain.net/data/passwd | awk \
'BEGIN{FS=":"}{$2="*NP*"}{s=$1}{for (i=2;i<=NF;i++) s=s":"$i}{print s}' > \
/tmp/passwd
mv /tmp/passwd /var/nis/domain.net/data/passwd
cd /var/nis
make
(might need some slight adjustment to the filename, depending on setup)
Then, configure /etc/pam.d/service something like:
auth sufficient /lib/security/pam_afs.so ignore_root
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
session optional /lib/security/pam_afs.so
I assume you already have NIS configured in /etc/nsswitch.conf.
--
t. charles clancy <> tclancy@uiuc.edu <> www.uiuc.edu/~tclancy