Mailinglist Archive: opensuse-security (109 mails)

< Previous Next >
Re: [suse-security] Bug with login.defs: DEFAULT_HOME no
  • From: Ashley Gould <agould@xxxxxxxx>
  • Date: Mon, 13 Mar 2006 11:44:38 -0800
  • Message-id: <20060313194438.GF20083@xxxxxxxx>
Thankyou. I inserted the line
session required pam_homecheck.so

into the files:
/etc/pam.d/login
/etc/pam.d/sshd
/etc/pam.d/su

all is well. Can I assume pam overrides directives in /etc/login.defs?



On Sun, Mar 12, 2006 at 09:27:29AM +0100, Dirk Schreiner wrote:
> Hi *,
>
> there is a pam module called
> /lib/security/pam_homecheck.so
> I guess that`s what you want.
>
> Dirk
>
>
> Philippe Vogel schrieb:
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >Ashley Gould schrieb:
> >
> >>Hi list,
> >>
> >>SLES9 i386 sp3
> >>pwdutils-2.6.4-2.25
> >>
> >>
> >>I'm trying to prevent user login when no home directory, but setting
> >>'DEFAULT_HOME no' in /etc/login.defs doesn't seem to have any affect:
> >>
> >>hvxen-0c:~ # grep DEFAULT_HOME /etc/login.defs
> >>hvxen-0c:~ # mv /home/slim/ /home/notslim
> >>
> >>agould@isis:~/ucop/notes/installion> ssh slim@hvxen-0c
> >>Password:
> >>Could not chdir to home directory /home/slim: No such file or directory
> >>slim@hvxen-0c:/>
> >>
> >>
> >>Is there a bug in pwdutils?
> >>or a missing pam config?
> >>
> >
> >Edit /etc/passwd and change login-shell to /bin/false (last entry in
> >each line). This can be set to default (change default ligin-shell to
> >/bin/false with yast). This will set this for any new added user in
> >future. If you like to give one shell-access do give him /bin/bash as
> >shell.
> >
> >Regards
> >
> >Philippe
> >
> >- --
> >Diese Nachricht ist digital signiert und enthält weder Siegel noch
> >Unterschrift!
> >
> >Die unaufgeforderte Zusendung einer Werbemail an Privatleute verstößt
> >gegen §1 UWG und 823 I BGB (Beschluß des LG Berlin vom 2.8.1998 Az:
> >16 O 201/98). Jede kommerzielle Nutzung der übermittelten
> >persönlichen Daten sowie deren Weitergabe an Dritte ist ausdrücklich
> >untersagt!
> >-----BEGIN PGP SIGNATURE-----
> >Version: GnuPG v1.4.2 (MingW32)
> >Comment: GnuPT 2.7.2
> >Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> >
> >iQD1AwUBRBLp+0Ng1DRVIGjBAQImuAb/VXer3jkV9Lv+emxhddKGsuxtrYJoTCae
> >12w874bP5mQDPANAdkH+Ao6R6VRVmXS2A8t5upDVlZJT1gAFsZIhbSuJs471U2sF
> >Ar62d1q+e1beqE1TWR+QNSConRN/vbySy5jxxX2XyRfxHNGZ8jQ/lk0f6HSlYe8e
> >zdV4SewCAQCGzD14C2ECUdQsJ7EDhYBhchAamq8aeqFXtC0OqF53M2YeuzUTZCtp
> >3i3YcQ6vN5Fu7DqRKmn6XyJztUJ6mVssJX2VgsuZi8oPOZzAzTj5NG9zyXL5XmUM
> >olJkN6N8qmc=
> >=e3mb
> >-----END PGP SIGNATURE-----
> >
> >
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> TRIA IT-consulting GmbH
> Joseph-Wild-Straße 20
> 81829 München
> Germany
> Tel: +49 (89) 92907-0
> Fax: +49 (89) 92907-100
> http://www.tria.de
>
>
> Registergericht München HRB 113466
> USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600
> Geschäftsführer: Richard Hofbauer
> kaufm. Geschäftsleitung: Rosa Igl
> --------------------------------------------------------
> Nachricht von: Dirk.Schreiner@xxxxxxx
> Nachricht an: filiaap@xxxxxxxxxx, suse-security@xxxxxxxx
> # Dateianhänge: 0
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>

--

-ashley

Did you try poking at it with a stick?


< Previous Next >
Follow Ups