Comment 9 for bug 1033899

Mike McClurg (mike-mcclurg) wrote :

We could add the line:

auth required pam_succeed_if.so user ingroup xapi

to allow users of group xapi to authenticate. Note that the PAM config in comment #7 allows users in the root *group* to authenticate, which is probably what we want to do. I could be convinced that this more restrictive config is better:

auth required pam_succeed_if.so uid eq 0

Which would only allow the root user (UID 0) to authenticate.

See pam_succeed_if manpage here: http://linux.die.net/man/8/pam_succeed_if

Please understand that I am no PAM expert (as you might have guessed). I would appreciate it if someone with more PAM experience, possibly from the Ubuntu Security team, would comment on the PAM config that I'm suggesting.
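
Added example (not part of the original comment or the project's code): a Python model of which accounts each of the two pam_succeed_if conditions above would let through, run over constructed passwd/group data rather than through PAM itself. It assumes `user ingroup` matches on either the account's primary GID or a listed group membership, and that `uid eq 0` matches every account whose UID is 0, whatever its name; the account names are hypothetical.

```python
# Added example: models the account selection of the two pam_succeed_if
# conditions discussed above. It does not call PAM. All data is constructed.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
toor:x:0:0:constructed second UID-0 account:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
xapisvc:x:998:997::/var/lib/xapi:/usr/sbin/nologin
"""
GROUP = """\
root:x:0:
xapi:x:997:alice
alice:x:1000:
bob:x:1001:
"""

def parse_passwd(text):
    """Map user name -> (uid, primary gid) from passwd(5)-style lines."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 4:
            users[fields[0]] = (int(fields[2]), int(fields[3]))
    return users

def parse_group(text):
    """Map group name -> (gid, member set) from group(5)-style lines."""
    groups = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 4:
            members = {m for m in fields[3].split(",") if m}
            groups[fields[0]] = (int(fields[2]), members)
    return groups

def passes_ingroup(group, users, groups):
    """Accounts satisfying 'user ingroup <group>': primary GID or listed member."""
    gid, members = groups[group]
    return sorted(u for u, (_, pgid) in users.items() if pgid == gid or u in members)

def passes_uid_eq(value, users):
    """Accounts satisfying 'uid eq <value>': every name mapped to that UID."""
    return sorted(u for u, (uid, _) in users.items() if uid == value)

if __name__ == "__main__":
    users, groups = parse_passwd(PASSWD), parse_group(GROUP)
    print("user ingroup xapi:", passes_ingroup("xapi", users, groups))
    print("uid eq 0:         ", passes_uid_eq(0, users))
```

Pointing the two parsers at a host's real passwd and group data gives the list of accounts to review before either line goes into the PAM stack.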