Quote:
Originally Posted by stickman
I've got a few RHEL4 systems authenticating via LDAP, and I modified system-auth. One unfortunate side affect of using the RHEL tools is that they only understand basic configurations. I found it easier just to make the changes that I needed rather than rely on the tools.
What do your login and sshd files look like?
|
/etc/pam.d/login:
#%PAM-1.0
auth required pam_securetty.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
account required pam_access.so
password required pam_stack.so service=system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_stack.so service=system-auth
session required pam_loginuid.so
session optional pam_console.so
# pam_selinux.so open should be the last session rule
session required pam_selinux.so open
/etc/pam.d/sshd:
#%PAM-1.0
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
account required pam_access.so
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_loginuid.so
We have also opened a ticket with RedHat Support but nothing has come of it yet. Thanks for looking.