josef Karliak wrote:
is there possible to set up PAM to search for users and passwords in another file, for example "/etc/external_accounts" ? With 3DES password's hash...
I recently had this problem too some time ago. I saw "pam_userdb", but the available crypt options (crypt, none) did not fulfilled my needs. So I worked around the problem with a special PAM configure. Instead of having two user/password lists, I allow/forbid the authentication for the services separately. This is the configuration for the service XYZ with it's own user list (all users of group "xyz-users"): /etc/pam.d/xyz # PAM configuration file for XYZ # requires that the user's uid is greater than or equal to 1000. auth requisite pam_succeed_if.so uid >= 1000 quiet #requires that the user belongs to the xyz-users group. auth requisite pam_succeed_if.so user ingroup xyz-users quiet #@include common-auth @include common-account @include common-password @include common-session And this is the common configuration file for all other services: /etc/pam.d/common-auth: auth required pam_succeed_if.so user notingroup xyz-users quiet auth sufficient pam_unix2.so auth [success=1 default=ignore] pam_unix.so nullok_secure auth requisite pam_deny.so auth required pam_permit.so All XYZ service users must be a member of group "xyz-users" and must have a UID >= 1000. Greetings, Björn -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org