Date: Tue, 5 Jun 2007 11:00:17 GMT From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/112574: sshd(8) ignores nologin(5) if using PAM and public key Message-ID: <200706051100.l55B0HeF007959@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/112574; it has been noted by GNATS. From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Yar Tikhiy <yar@comp.chem.msu.su> Cc: bug-followup@freebsd.org Subject: Re: bin/112574: sshd(8) ignores nologin(5) if using PAM and public key Date: Tue, 05 Jun 2007 12:42:04 +0200 Yar Tikhiy <yar@comp.chem.msu.su> writes: > Second, it adds an account management function identical to the > authentication one so that pam_nologin can always work for sshd. Strictly speaking, pam_nologin should implement pam_sm_acct_mgmt() and *not* implement pam_sm_authenticate(). However, doing so at this point would break existing configurations. You may want to discuss the possibility of doing just that for 7.0 with re@. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200706051100.l55B0HeF007959>