Hylafax Mailing List Archives
|
[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
Re: [hylafax-users] PAM problem... group based auth and account bug
Hi
I have managed to make Hylafax work with pam_ldap authentification,
but now I would like to make a supplementary test to only allow
certain members of a group to login.
I've tried with pam_access and pam_require
(http://www.splitbrain.org/Programming/C/pam_require/index.php),
but they are "account" modules and it seems that Hylafax ignore
them. For example, with this /etc/pam.d/hylafax:
auth required /lib/security/pam_ldap.so
account required /lib/security/pam_require.so toto
pam_require logs "login denied for user toto" when I try with lambda
user but access to Hylafax is still allowed.
I have even tested with:
auth required /lib/security/pam_ldap.so
account required /lib/security/pam_deny.so
and I could login too.
I am sure that PAM is active since modification on the "auth" line has
effects and can refuse authentification.
Is there something I did not understand or is it an Hylafax bug? (or
is it wanted?)
For my problem I think I will use the "pam_groupdn" directive in /etc/ldap.conf
but it is still weird that it did not work, I spent a lot of time trying to
figure out what was wrong...
____________________ HylaFAX(tm) Users Mailing List _______________________
To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
*To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*