LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 12-24-2012, 01:05 AM   #1
dpnctl
LQ Newbie
 
Registered: Mar 2010
Posts: 15

Rep: Reputation: 0
SLES has no system-auth file


hi all,
We have 40+ Linux systems 6 of which are SLES.
We have AD authentication with kerberos on to all this servers.
As the client configuration is only a copy paste, I could complete authentication by SCPing all 3 files

scp xx.yy.zz.aaa:/etc/krb5.conf /etc/krb5.conf;
scp xx.yy.zz.aaa:/etc/pam.d/system-auth /etc/pam.d/system-auth

This went well in all 34 RHEL boxes, however was a great failure in SLES1164 boxes.

Any quick clues to make this work. When a user tried to login, I striaght away see sshd/pam related errors only in /var/log/messages file.

/etc/pam.d/sshd, /etc/pam.d/common-auth file are what I suspect. as this is a new release I am unable to find much info.
 
Old 12-24-2012, 06:54 PM   #2
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 1,821

Rep: Reputation: Disabled
Whenever you authenticate through a PAM-enabled service, PAM will look for authentication rules in /etc/pam.d/<servicename>. These files may include other files using the include directive.

RHEL, Fedora and a few other distributions include a file called "system-auth", which contains common authentication rules. That way, you can change the authentication rules for several (or even all) services by modifying a single file. Note that PAM never calls "system-auth" by itself; it has to be manually called/included from the other files.

I've never seen "common-auth", but my guess is it does the same thing. A quick look at the other files (like /etc/pam.d/login or /etc/pam.d/sshd) should tell you if that's correct.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SLES 11 - Unable to create temp dir from template /var/run/gdm/auth-for-gdm-zsxqrf sandwich Linux - General 1 10-16-2012 09:51 AM
SLES 11 - Unable to create temp dir from template /var/run/gdm/auth-for-gdm-zsxqrf sandwich Suse/Novell 0 10-16-2012 09:41 AM
Password Complexity after changing the /etc/pam.d/system-auth the system dies kprakashc Linux - Newbie 0 08-27-2008 09:50 PM
How do I add RAID 1 to existing system on SLES 10 twn2 Suse/Novell 0 01-12-2008 12:08 PM


All times are GMT -5. The time now is 02:55 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration