From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Thu, 23 Dec 2004 15:06:13 +0300 From: "Dmitry V. Levin" To: ALT Linux general discussion list Subject: Re: [Comm] read-only access to all shadow files Message-ID: <20041223120613.GB8772@basalt.office.altlinux.org> References: <1103754004.2603.0.camel@anton_home.fesb.ru> <38328.194.67.216.221.1103776763.squirrel@www.samdu.uz> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="+g7M9IMkV8truYOl" Content-Disposition: inline In-Reply-To: <38328.194.67.216.221.1103776763.squirrel@www.samdu.uz> X-fingerprint: 9658 398D 181B 1200 8FC5 26B8 F6F8 846B C1E2 3429 X-BeenThere: community@altlinux.ru X-Mailman-Version: 2.1.5 Precedence: list Reply-To: community@altlinux.ru List-Id: Mailing list for ALT Linux users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Dec 2004 12:06:33 -0000 Archived-At: List-Archive: List-Post: --+g7M9IMkV8truYOl Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 23, 2004 at 09:39:23AM +0500, Nizamov Shavkat wrote: > > =E9 =D0=C5=D2=C5=CB=CC=C0=DE=C9=CC=D3=D1 =CE=C1 =CD=CF=C4=D5=CC=D8 mod_= auth_pam > > =FE=C5=D3=D4=CE=CF =D3=CB=C1=DE=C1=D7 =C9=D3=C8=CF=C4=CE=C9=CB=C9 =C9 = =D5=D3=D4=C1=CE=CF=D7=C9=D7 =D0=C1=CB=C5=D4 apache2-devel =D1 =D3=CF=C2=D2= =C1=CC =C4=C1=CE=CE=D9=CA > > =CD=CF=C4=D5=CC=D8. =EE=CF =D2=C1=C4=CF=D3=D4=D8 =CF=CB=C1=DA=C1=CC=C1= =D3=D8 =D0=D2=C5=D6=C4=C5=D7=D2=C5=CD=C5=CE=CE=CF=CA =CF=CE =CE=C5 =DA=C1= =D2=C1=C2=CF=D4=C1=CC =C1 =D7 =CC=CF=C7=C1=C8 > > =D0=CF=D1=D7=C9=CC=C1=D3=D8 =CE=C1=C4=D0=C9=D3=D8 =D3=CC=C5=C4=D5=C0=DD= =C5=C7=CF =D7=C9=C4=C1: > > [Wed Dec 15 20:36:59 2004] [error] [client 127.0.0.1] PAM: user 'anton' > > - not authenticated: Authentication service cannot retrieve > > authentication info. >=20 > =CE=C1=D3=CB=CF=CC=D8=CB=CF =D1 =D0=CF=CD=CE=C0 =D3=D4=C9=CC=D8 =D7=D9=D3= =CB=C1=DA=D9=D7=C1=CE=C9=D1 ldv - =CE=C9 =CF=C4=C9=CE =D0=D2=CF=C3=C5=D3=D3= =CE=C5 =CD=CF=D6=C5=D4 > =CF=D0=D2=C5=C4=C5=CC=C9=D4=D8 =D0=D2=C1=D7=C9=CC=D8=CE=CF=D3=D4=D8 =D0= =C1=D2=CF=CC=D1 =D0=CF=CC=D8=DA=CF=D7=C1=D4=C5=CC=D1, =C5=D3=CC=C9 =D4=CF= =CC=D8=CB=CF =DC=D4=CF=D4 =D0=D2=CF=C3=C5=D3=D3 =CE=C5 > =D2=C1=C2=CF=D4=C1=C5=D4 =D3 =D2=D5=D4=CF=D7=D9=CD=C9 =D0=D2=C1=D7=C1=CD= =C9. =C4=D5=CD=C1=C0 =D7=C1=CD =D0=D2=CF=D3=D4=CF =CE=C5 =C8=D7=C1=D4=C9=CC= =CF =D3=D5=C9=C4=CE=CF=C7=CF =C2=C9=D4=C1 =CE=C1 > =CD=CF=C4=D5=CC=D8 pam. =F7=D2=D1=C4 =CC=C9 =D1 =CD=CF=C7 =D3=CB=C1=DA=C1=D4=D8 =D7 =D4=CF=DE=CE=CF= =D3=D4=C9 =D4=C1=CB=CF=C5, =D0=CF=D3=CB=CF=CC=D8=CB=D5 =D7 tcb(5) =CE=C1=D0= =C9=D3=C1=CE=CF: If a process needs to possess read-only access to all shadow files, it is sufficient to assign it supplementary groups "shadow" and "auth". --=20 ldv --+g7M9IMkV8truYOl Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFByrS19viEa8HiNCkRAqcrAJ0XW8u13AJtOboJnRm0uo3Uc7I0oACdF1CA LvOWPUcL4gOMTTbk65Wj2B8= =dVcz -----END PGP SIGNATURE----- --+g7M9IMkV8truYOl--