From owner-freebsd-questions Fri Jan 21 6:46:20 2000 Delivered-To: freebsd-questions@freebsd.org Received: from linux.ssc.nsu.ru (linux.ssc.nsu.ru [193.124.209.130]) by hub.freebsd.org (Postfix) with SMTP id E864915403 for ; Fri, 21 Jan 2000 06:45:50 -0800 (PST) (envelope-from danfe@ssc.nsu.ru) Received: (qmail 16649 invoked from network); 21 Jan 2000 14:45:47 -0000 Received: from inet.ssc.nsu.ru (62.76.110.12) by hub.freebsd.org with SMTP; 21 Jan 2000 14:45:47 -0000 Received: from localhost (danfe@localhost) by inet.ssc.nsu.ru (8.9.3/8.9.3) with ESMTP id UAA23763 for ; Fri, 21 Jan 2000 20:45:43 +0600 Date: Fri, 21 Jan 2000 20:45:43 +0600 (NOVT) From: "Alexey N. Dokuchaev" Cc: FreeBSD questions list In-Reply-To: <86925t$dsj$1@inner.demon.co.uk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi! I've written special login.conf to restrict regular users access/auth rights. Particulary, login no more than on 4 consoles, and no login from certain ttys, timelimits, etc. So, it seems that login should call proper pam modules, configured in /etc/pam.conf (which is left default for now, until I figure all things out). The odd thing is that certain restrictions work, such as maxproc limits (and relatives), while the others do not (login sessions number limits, autologoff when timelimit reached, etc). Moreover, I see no PAM[...] entries in syslog logs (I have *.* all go to /dev/ttyvb) -- nothing like this there. So, what program has to check all those? Login? But it inself should be using PAM whenever possible. For instance, under Linux, there's pam_nologin module, which checks for nologin file (/etc/ under linux and /var/run/ under fBSD). I can't see any evidence that PAM routines get called on my system. If you need any addition info, say it ;-) I'm using 3.4-RELEASE. Standard /etc/pam.conf (no pam.d directory), I didn't change that. How to enable PAM? Thanx. ./danfe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message