LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   PAM: user{add,del} asks for password (https://www.linuxquestions.org/questions/linux-security-4/pam-user%7Badd-del%7D-asks-for-password-384589/)

systemparadox 11-19-2005 06:37 AM
PAM: user{add,del} asks for password
 
Hi.
I have recently installed PAM on my new LFS system.

Now, when I do 'useradd test', it asks me for a password.
Which password is it asking for!?!

Whatever password I put in, I get useradd: PAM authentication failed

The same thing happens with userdel, and I assume groupadd/groupdel.

I have somehow got past this password prompt a few times before (I can't work out how now), and then it asks me for a new password- even if I am deleting a user! Who is the new password for?

How can I make it so that these programs don't ask for any passwords, and create users with no password and disabled accounts ("x" or "!" for the password field in /etc/passwd and /etc/shadow), like they do without PAM?

My current PAM config (in /etc/pam.d) is:
login:
Code:
auth            required        pam_securetty.so
#auth          sufficient      pam_rootok.so
auth            required        pam_unix.so shadow nullok
account        required        pam_unix.so
password        required        pam_unix.so shadow nullok
#password      required        pam_cracklib.so retry=3
#password      required        pam_unix.so shadow nullok use_authtok
session        required        pam_unix.so
su:
Code:
auth            sufficient      pam_rootok.so
auth            required        pam_unix_auth.so
account        required        pam_unix.so
password        required        pam_unix.so
session        required        pam_unix.so
useradd:
Code:
auth            required        pam_securetty.so
#auth          sufficient      pam_rootok.so
auth            required        pam_unix.so shadow nullok
account        required        pam_unix.so
password        required        pam_unix.so shadow nullok
#password      required        pam_cracklib.so retry=3
#password      required        pam_unix.so shadow nullok use_authtok
session        required        pam_unix.so
OTHER:
Code:
#
# default; wake up! This application is not configured
#
auth    required      pam_warn.so
password required      pam_warn.so

#
# default; standard UN*X access
#
#auth    sufficient    pam_rootok.so
auth    required      pam_unix.so
account  required      pam_unix.so
password required      pam_unix.so
session  required      pam_unix.so
Thanks in advance
Simon

systemparadox 11-19-2005 03:59 PM
Found a solution (it was in the BLFS shadow installation section- which I had followed lol).
The useradd, userdel, usermod, group{add,del,mod} (and a few others) should have the password line as:

password required pam_permit.so


All times are GMT -5. The time now is 08:44 AM.