* [pve-devel] [PATCH access-control] change PAM service name
@ 2020-11-20 10:05 Wolfgang Bumiller
2020-11-20 13:53 ` [pve-devel] applied: " Thomas Lamprecht
0 siblings, 1 reply; 2+ messages in thread
From: Wolfgang Bumiller @ 2020-11-20 10:05 UTC (permalink / raw)
To: pve-devel
Instead of 'common-auth' use 'proxmox-ve-auth', this way
users can override PAM authentication settings via
`/etc/pam.d/proxmox-ve-auth`.
If the file does not exist, pam will use `/etc/pam.d/other`
which by default behaves like `common-auth`.
Note that this *can* be different from directly using
`common-auth` *if* a user has actually modified
`/etc/pam.d/other` for some reason.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
PVE/Auth/PAM.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PVE/Auth/PAM.pm b/PVE/Auth/PAM.pm
index 42feba8..d016f83 100755
--- a/PVE/Auth/PAM.pm
+++ b/PVE/Auth/PAM.pm
@@ -27,7 +27,7 @@ sub authenticate_user {
# user (www-data) need to be able to read /etc/passwd /etc/shadow
die "no password\n" if !$password;
- my $pamh = new Authen::PAM('common-auth', $username, sub {
+ my $pamh = new Authen::PAM('proxmox-ve-auth', $username, sub {
my @res;
while(@_) {
my $msg_type = shift;
--
2.20.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* [pve-devel] applied: [PATCH access-control] change PAM service name
2020-11-20 10:05 [pve-devel] [PATCH access-control] change PAM service name Wolfgang Bumiller
@ 2020-11-20 13:53 ` Thomas Lamprecht
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Lamprecht @ 2020-11-20 13:53 UTC (permalink / raw)
To: Proxmox VE development discussion, Wolfgang Bumiller
On 20.11.20 11:05, Wolfgang Bumiller wrote:
> Instead of 'common-auth' use 'proxmox-ve-auth', this way
> users can override PAM authentication settings via
> `/etc/pam.d/proxmox-ve-auth`.
>
> If the file does not exist, pam will use `/etc/pam.d/other`
> which by default behaves like `common-auth`.
>
> Note that this *can* be different from directly using
> `common-auth` *if* a user has actually modified
> `/etc/pam.d/other` for some reason.
>
> Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
> ---
> PVE/Auth/PAM.pm | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>
applied, adding "fixes #1670" to the commit subject, thanks!
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-11-20 13:53 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-20 10:05 [pve-devel] [PATCH access-control] change PAM service name Wolfgang Bumiller
2020-11-20 13:53 ` [pve-devel] applied: " Thomas Lamprecht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox