very nasty bug in pam_succeed_if

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I have a mix of various RedHat and Fedora Systems in our network
where we still use NIS.  In nsswitch.conf, we use 'compat' mode
for passwd, shadow, group.  

After doing two clean FC2 installs I noticed that any user with
over 8 groups could not login.  Doing a 'su - user' as one of these
users would segfault.  If I removed compat mode from nsswitch.conf,
the problem would go away.  

However, on a FC2 test 3 box that I update to FC2 final, I did
not have this problem.  This helped me track the problem down to
the pam_succeed_if line in /etc/pam.d/system-auth which did not
exist on the upgraded box (why the update did not put this in
I do not know).  Removing the line from system-auth on the two
clean install boxes fixed the problem.

What exactly is the reasoning behind the pam_succeed_if line being
added to system-auth anyway?

-- 
---------------------------------------------------------------
Paul Raines                   email: raines@xxxxxxxxxxxxxxxxxxx
MGH/MIT/HMS Athinoula A. Martinos Center for Biomedical Imaging
149 (2301) 13th Street        Charlestown, MA 02129	USA   





[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux