Gentoo Archives: gentoo-dev

From: Tibor Rudas <a9101556@××××××××××××××.at>
To: Gentoo Developer List <gentoo-dev@××××××××××.org>
Subject: [gentoo-dev] pam configuration
Date: Tue, 04 Dec 2001 09:39:28
1 Hello
3 I seem to have a serious problem with nis-exported passwd-entries:
4 A single "*" in the password section of the passwd file does NOT lock
5 the given account! The user can just hit return at the password request
6 to log in. This seems to be not the case with local accounts.
7 Everything else is working splendid with nis. I do not have the "+"-entry
8 in my passwd file since it is not necessary on our other machines (I think
9 this is only needed when using 'compat' in nsswitch..?).
11 This can be cured by using instead of in
12 /etc/pam.d/login.
13 Strangely enough /etc/pam.d/sshd uses as well but locks
14 out the user... ... actually it does not lock out the user but simply gives a
15 blank line after hitting return on the password request and can only be
16 stopped by Ctrl-C...
17 ...and ssh does not use the 'nullok' modification given in /etc/pam.d/sshd
18 and locks out users with empty password field as well.
20 any help on this one?
22 regards
24 Tibor Rudas