Novell LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009 Manual page 33
Hide thumbs
Also See for LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009:
- Administration manual (338 pages) ,
- Deployment manual (246 pages) ,
- Application manual (364 pages)
Table of Contents
Advertisement
tion is made with central configuration files and all changes are automatically inherited
by the PAM configuration of each service.
The first include file (common-auth) calls two modules of the auth type:
pam_env.so and pam_unix2.so. See
the auth Section"
(page 21).
Example 2.2 Default Configuration for the auth Section
auth
required
auth
required
The first one, pam_env, loads the file /etc/security/pam_env.conf to set
the environment variables as specified in this file. This can be used to set the DISPLAY
variable to the correct value, because the pam_env module knows about the location
from which the login is taking place. The second one, pam_unix2, checks the user's
login and password against /etc/passwd and /etc/shadow.
The whole stack of auth modules is processed before sshd gets any feedback about
whether the login has succeeded. Given that all modules of the stack have the
required control flag, they must all be processed successfully before sshd receives
a message about the positive result. If one of the modules is not successful, the entire
module stack is still processed and only then is sshd notified about the negative result.
As soon as all modules of the auth type have been successfully processed, another
include statement is processed, in this case, that in
for the account Section"
pam_unix2. If pam_unix2 returns the result that the user exists, sshd receives a
message announcing this success and the next stack of modules (password) is pro-
Example 2.4, "Default Configuration for the password Section"
cessed, shown in
(page 21).
Example 2.3 Default Configuration for the account Section
account required
Example 2.4 Default Configuration for the password Section
password requisite
password required
Example 2.2, "Default Configuration for
pam_env.so
pam_unix2.so
(page 21). common-account contains just one module,
pam_unix2.so
pam_pwcheck.so
nullok cracklib
pam_unix2.so
nullok use_authtok
Example 2.3, "Default Configuration
Authentication with PAM
21
Advertisement
Table of Contents
Related Manuals for Novell LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009
Related Products for Novell LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009
- NOVELL EDIRECTORY 8.8 SP2 - GUIDE 10-2007
- NOVELL EDIRECTORY 8.8 SP5 - GUIDE 12-2009
- NOVELL IDENTITY MANAGER 3.6.1 - WORKORDER DRIVER IMPLEMENTATION GUIDE 18-12-2009
- NOVELL LINUX ENTERPRISE 11 - SUBSCRIPTION MANAGEMENT TOOL GUIDE 10-02-2009
- NOVELL OPEN ENTERPRISE SERVER - CONVERSION GUIDE 12-2010
- NOVELL OPEN ENTERPRISE SERVER 2 SP2 - PLANING AND IMPLEMENTATION GUIDE 11-10-2009
- NOVELL PLATESPIN ORCHESTRATE 2.0.2 - UPGARDE GUIDE 10-09-2009
- NOVELL PLATESPIN ORCHESTRATE 2.0.2 - VIRTUAL MACHINE MANAGEMENT GUIDE 10-17-2009
- NOVELL PRODUCT NAME 10.3 - DEPLOYING ZENWORKS ON CITRIX SERVER BEST PRACTICES GUIDE 12-13-2010
- NOVELL SERVER CONSOLIDATION MIGRATION TOOLKIT 1.1 - ADMINISTRATION GUIDE 12-23-2005
- NOVELL ZENWORKS APPLICATION VIRTUALIZATION 8.0.2 - INTEGRATION AND STREAMING GUIDE 11-2010
- NOVELL ACCESS MANAGER 3.1 SP1 - SSL VPN SERVER GUIDE 03-17-2010
- NOVELL CUSTOMER CENTER 2.3 - GUIDE 4-8-2009
- NOVELL IFOLDER 3.X - SECURITY ADMINISTRATOR GUIDE 08-15-2006
- NOVELL LINUX ENTERPRISE SERVER 10 - START-UP GUIDE 06-12-2006
- NOVELL LINUX ENTERPRISE SERVER 10 SP2 - STORAGE ADMINISTRATION GUIDE 05-15-2009