[OpenAFS] how to integrate auth with Linux system
Mike Lee
mike.li@bamboonetworks.com
Fri, 08 Feb 2002 13:09:54 +0800
Thank you
Charles Clancy wrote:
>First, kill all your NIS passwords:
>
>cat /var/nis/domain.net/data/passwd | awk \
>'BEGIN{FS=":"}{$2="*NP*"}{s=$1}{for (i=2;i<=NF;i++) s=s":"$i}{print s}' > \
>/tmp/passwd
>
in my case, the passwd file is directly in /etc, nis folder is /var/yp.
so I have to cp it to another place and change the makefile to point to
the new one?
and later when adduser should work with that file.
the server which will host AFS, now is cvs server, and auth user against
system auth.
I donot know when the cvs auth a user, it base on /etc/passwd,
/etc/shadow or base on PAM login?
>
>mv /tmp/passwd /var/nis/domain.net/data/passwd
>cd /var/nis
>make
>
>(might need some slight adjustment to the filename, depending on setup)
>
>Then, configure /etc/pam.d/service something like:
>auth sufficient /lib/security/pam_afs.so ignore_root
>auth required /lib/security/pam_stack.so service=system-auth
>account required /lib/security/pam_stack.so service=system-auth
>password required /lib/security/pam_stack.so service=system-auth
>session required /lib/security/pam_stack.so service=system-auth
>session optional /lib/security/pam_console.so
>session optional /lib/security/pam_afs.so
>
>I assume you already have NIS configured in /etc/nsswitch.conf.
>
>--
>t. charles clancy <> tclancy@uiuc.edu <> www.uiuc.edu/~tclancy
>
>_______________________________________________
>OpenAFS-info mailing list
>OpenAFS-info@openafs.org
>https://lists.openafs.org/mailman/listinfo/openafs-info
>
--Mike