Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 5 Jun 2007 11:00:17 GMT
From:      =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: bin/112574: sshd(8) ignores nologin(5) if using PAM and public key
Message-ID:  <200706051100.l55B0HeF007959@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/112574; it has been noted by GNATS.

From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: Yar Tikhiy <yar@comp.chem.msu.su>
Cc: bug-followup@freebsd.org
Subject: Re: bin/112574: sshd(8) ignores nologin(5) if using PAM and public key
Date: Tue, 05 Jun 2007 12:42:04 +0200

 Yar Tikhiy <yar@comp.chem.msu.su> writes:
 > Second, it adds an account management function identical to the
 > authentication one so that pam_nologin can always work for sshd.
 
 Strictly speaking, pam_nologin should implement pam_sm_acct_mgmt() and
 *not* implement pam_sm_authenticate().  However, doing so at this point
 would break existing configurations.  You may want to discuss the
 possibility of doing just that for 7.0 with re@.
 
 DES
 --=20
 Dag-Erling Sm=C3=B8rgrav - des@des.no



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200706051100.l55B0HeF007959>