Bug 753161
Summary: | no warning in syslog when remote authentication fails due to low uid | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Dennis Gilmore <dennis> |
Component: | authconfig | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 16 | CC: | sgallagh, tmraz |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | authconfig-6.1.16-3.fc17 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-11-15 10:14:44 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Dennis Gilmore
2011-11-11 13:53:06 UTC
I suggest that we might want to modify Fedora's copy of pam_unix.so so that if it receives an ID in the old range (500-999) we will print a warning in /var/log/secure that it may interact poorly with the default PAM configuration. I do not like such hack. But it should be possible to make it configurable with additional pam_succeed_if.so + pam_warn.so call. Hmm, actually the best way would be to just replace the quiet option of the auth pam_succeed_if.so line with quiet_success. I'll do that in authconfig. |