Red Hat Bugzilla – Bug 71040
Please add 'pam-access.so' to /etc/pam.d/system-auth
Last modified: 2007-11-30 17:10:30 EST
Description of Problem:
Please add a line like
| account required /lib/security/pam_access.so
to /etc/pam.d/system-auth. Often, pam_access is the only way to restrict usage
of services (e.g. to prevent some users to login at a nss_ldap enabled system).
I could add it manually to each file in /etc/pam.d, but this is a little bit
impractically and error prone. Because authconfig will remove it from
'system-auth' it is nearly impossible for a user to enable it.
Therefore, 'authconfig' should add it automatically.
Version-Release number of selected component (if applicable):
I will consider this.
You can point the /etc/pam.d/system-auth symlink to /etc/pam.d/system-auth-local
and make it contain:
auth include system-auth-ac
account include system-auth-ac
password include system-auth-ac
session include system-auth-ac
Then you can modify this file to call pam_access.