Visit Jeremy's Blog.
Go Back > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.


  Search this Thread
Old 06-25-2019, 10:38 AM   #1
LQ Newbie
Registered: Mar 2019
Posts: 5

Rep: Reputation: Disabled
modify and editing pam.d

What is the correct way to update pam.d? Due to hardening reason, there are some parameters in password-auth and system-auth has been removed and added some others. However in the beginning of the file it stated "Do not modify this file manually."

After the changes, some accounts unable to ssh and some unable to change password. Do we have any util to test the pam.d or generate based on our selection? Also do pam.d changes required restart to take effect?

I tried to understand by reading the man pam.d but still i have no clue. Hope someone can enlighten me here.
Old 06-27-2019, 12:53 AM   #2
Senior Member
Registered: Nov 2013
Location: Tokyo
Distribution: Redhat/Centos, Ubuntu, Raspbian, Fedora, Alpine, Cirros, OpenSuse/SLES
Posts: 3,089

Rep: Reputation: 810Reputation: 810Reputation: 810Reputation: 810Reputation: 810Reputation: 810Reputation: 810
There are utilities that modify PAM files, for example authconfig on RHEL and Centos. The PAM files you mention might also be modified when updating the software. I guess it’s for these reasons that you are not supposed to change them manually.

For testing, some PAM modules have debug options that print more information in the log files.

There is no need to restart anything after changing PAM files.
1 members found this post helpful.
Old 06-27-2019, 07:56 PM   #3
LQ Newbie
Registered: Mar 2019
Posts: 5

Original Poster
Rep: Reputation: Disabled
authconfig has been change to authselect, authselect-migration and authselect profile in rhel8. Not sure in rhel7 or centos7. Try to go through the man of those command but not really understand still.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
/etc/pam.d/system-auth-ac vs. /etc/pam.d/password-auth-ac vs. /etc/pam.d/sshd christr Red Hat 2 08-01-2014 07:08 PM
pam-ldap and pam-mysql gangadhar402 Linux - Software 2 03-09-2013 04:50 AM
Help with PAM and PAM modules bourne Linux - Security 6 11-02-2008 11:48 PM
How to modify the library path variable?modify the Electronkz Linux - Newbie 1 04-13-2004 06:18 AM
modify file access & modify timestamps i2itstud Linux - General 1 05-20-2003 03:34 AM > Forums > Enterprise Linux Forums > Linux - Enterprise

All times are GMT -5. The time now is 01:30 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration