Re: not met ids in logs

[Alexander Dalloz <ad+lists@xxxxxxxxx>]

Am Mo, den 06.06.2005 schrieb Danny Terweij um 12:16:

> I have many loggings of this :
> dovecot-auth: pam_succeed_if: requirement "uid < 100" not met by user
> "henny"
> dovecot-auth: pam_succeed_if: requirement "uid < 100" not met by user
> "anne-fleur"
> dovecot-auth: pam_succeed_if: requirement "uid < 100" not met by user "emma"
> dovecot-auth: pam_succeed_if: requirement "uid < 100" not met by user
> "henny"
> crond[6487]: pam_succeed_if: requirement "uid < 100" not met by user
> "mailman"
> crond[6485]: pam_succeed_if: requirement "uid < 100" not met by user "cacti"
> crond[6486]: pam_succeed_if: requirement "uid < 100" was met by user "root"
> 
> I did edit dovecot conf file and set UID/GID start at 500. All users are
> above UID 500.
> Did i missed a config ?

No, those log entries are pretty normal/default.

> Danny

If your are not running NFS you may edit

cat /etc/pam.d/system-auth

and comment the line

account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100

in there with a leading #. You then no longer get those log events.

WARNING: be very very careful when editing PAM setup files!

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.27_FC2smp 
Serendipity 12:28:07 up 13 days, 11:05, load average: 0.48, 0.36, 0.25

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil