wait that your's they have patience with my English,
I promise that I go to improve.
I have a challenge, that it compromises a little the security,
but is necessary, and very will be well managed.
I installed module AUTH+PAM, in the apache.
I needed to give to the permission of reading in the archive /etc/shadow,
but only for the group shadow-readers.
This configuration to arrive in its final result, I needed to twirl the apache with this group "shadow-readers".
The Proper site, has the documentation to make to function in this way.
Really functions perfectly.
The Problem:
When elapsing of the day,
I perceived that modifying the password of an user using the command passwd,
the permission of the dumb archive /etc/shadow automatically.
This only occurs, modifying the password with the command "passwd".
It can add user to exclude...
With the command "passwd" only occurs.
It sees an example below:
Code:
root@firewall /etc# chmod 640 shadow
root@firewall /etc# chown root:shadow-readers shadow
root@firewall /etc# ls -la
-rw-r----- 1 root shadow-readers 1262 Sep 12 13:20 shadow
It functions perfectly.
But if some user, to enter for ssh and to modify its password,
using the command "passwd"
The Archive shadow automatically loses the permissions that I placed.
Code:
root@firewall /etc# ls -la
-rw------- 1 root root 1262 Sep 12 13:42 shadow
Any user who to change the password happens this!
Then I come through this post, to ask for to the gentlemen,
if he is possible I to decide this problem.
I am to many days, and I did not obtain a Positive result.
It would like To thank the patience of all,
and one more time to ask for Excuses for my English.
They have a Good Night.
Shadow, permissions.
It will be that no configuration does not exist?
