From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <raorn@cnt.ru>
Date: Tue, 2 Jan 2007 15:10:20 +0300
From: "Alexey I. Froloff" <raorn@immo.ru>
To: ALT Devel discussion list <devel@lists.altlinux.org>
Message-ID: <20070102121020.GB8374@hell.immo.ru>
References: <4597BBED.20701@altlinux.ru> <200701021224.08848.asy@altlinux.ru>
	<459A270A.2080008@altlinux.ru> <459A2CF5.9020001@altlinux.ru>
	<20070102112453.GP1644@osdn.org.ua>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="MfFXiAuoTsnnDAfZ"
Content-Disposition: inline
In-Reply-To: <20070102112453.GP1644@osdn.org.ua>
User-Agent: Mutt/1.5.13 (2006-08-11)
Subject: Re: [devel] re alterator-auth (local/ldap)
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.9rc1
Precedence: list
Reply-To: ALT Devel discussion list <devel@lists.altlinux.org>
List-Id: ALT Devel discussion list <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jan 2007 12:10:21 -0000
Archived-At: <http://lore.altlinux.org/devel/20070102121020.GB8374@hell.immo.ru/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>


--MfFXiAuoTsnnDAfZ
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Michael Shigorin <mike@> [070102 14:32]:
> > =E1 =D0=CC=C1=CE=C9=D2=D5=C5=D4=D3=D1 =CC=C9 =D7=D9=C2=CF=D2 =D7=C1=D2=
=C9=C1=CE=D4=CF=D7 =D3=C9=D3=D4=C5=CD=D9 =C1=D7=D4=CF=D2=C9=DA=C1=C3=C9=C9,=
 =D7
> > =DE=C1=D3=D4=CE=CF=D3=D4=C9 =C9=CE=D4=C5=D2=C5=D3=D5=C5=D4, =CD=CF=D6=
=CE=CF =CC=C9 =CE=C1 =D3=D4=C1=C4=C9=C9 =D5=D3=D4=C1=CE=CF=D7=CB=C9 =D5=CB=
=C1=DA=C1=D4=D8,
> > =DE=D4=CF =C9=D3=D0=CF=CC=D8=DA=CF=D7=C1=D4=D8 LDAP?
> =E4=CC=D1 =DC=D4=CF=C7=CF =CE=C1=C4=CF =CE=C1=DE=C1=D4=D8 =D3 control sys=
tem-auth =C9 =D0=CF=D7=C5=D2=C8 =CE=C5=C7=CF --
> alterator-auth.  =E1 =D0=CF=D3=CC=C5 =D2=C5=DB=C5=CE=C9=D1 =D3=C1=CD=CF=
=C7=CF =CE=C1=D3=D5=DD=CE=CF=C7=CF =D7=CF=D0=D2=CF=D3=C1
> =D0=D2=C9=CB=C9=C4=D9=D7=C1=D4=D8, =CB=C1=CB =C4=CF=C2=C1=D7=CC=D1=D4=D8 =
=D5=CD=C5=CE=C9=C5 =D0=CF=CC=D8=DA=CF=D7=C1=D4=D8=D3=D1 =C4=D2=D5=C7=C9=CD=
=C9 =D3=C8=C5=CD=C1=CD=C9
=E5=D3=D4=D8 =CD=CE=C5=CE=C9=C5, =DE=D4=CF =D7 =D4=C1=CB=CF=CD =D3=CC=D5=DE=
=C1=C5 system-auth =C4=CF=CC=D6=C5=CE =C2=D9=D4=D8
"=DA=C1=C7=CC=D5=DB=CB=CF=CA" =D3 =D7=D9=DA=CF=D7=CF=CD system-auth-=DE=D4=
=CF-=D4=CF-=D4=C1=CD (ldap, sql, wtf), =C1
=CF=CE =D7 =D3=D7=CF=C0 =CF=DE=C5=D2=C5=C4=D8 =C4=CF=CC=D6=C5=CE =DA=D7=C1=
=D4=D8 system-auth-use_first_pass.

=E6=C9=DB=CB=C1 =D7 =D4=CF=CD, =DE=D4=CF =D0=C1=D2=CF=CC=D8 =C4=CF=CC=D6=C5=
=CE =D3=D0=D2=C1=DB=C9=D7=C1=D4=D8=D3=D1 =CF=C4=C9=CE =D2=C1=DA, =C1 =D7=D3=
=C5
=CD=CF=C4=D5=CC=C9 =C4=CF=CC=D6=CE=D9 =D7=D9=DA=D9=D7=C1=D4=D8=D3=D1 =D3 us=
e_first_pass/try_first_pass.

=FC=D4=CF =D1 =D3=CD=CF=D4=D2=C0 =CE=C1 =D3=D7=CF=CA system-auth, system-au=
th-use_first_pass =C9
xscreensaver.  =F7 s-a =C9 s-a-u_f_p =C5=D3=D4=D8 =C4=D5=C2=CC=C9=D2=CF=D7=
=C1=CE=C9=C5 =CB=CF=C4=C1, xss
=DA=CF=D7=A3=D4 pam_userpass.so =C9 =D0=CF=D4=CF=CD s-a-u_f_p, =C1 =CD=CF=
=CA system-auth-ldap
=D4=D2=A3=C8=CC=C5=D4=CE=C5=CA =C4=C1=D7=CE=CF=D3=D4=C9 =C9 =CE=C5=C9=DA=D7=
=C5=D3=D4=CE=CF=CA =D2=C1=C2=CF=D4=CF=D3=D0=CF=D3=CF=C2=CE=CF=D3=D4=C9 =D7=
=D9=C7=CC=D1=C4=C9=D4
=D3=CC=C5=C4=D5=C0=DD=C9=CD =CF=C2=D2=C1=DA=CF=CD:

$ diff -u system-auth system-auth-ldap
--- system-auth 2005-08-26 03:52:30 +0400
+++ system-auth-ldap    2003-10-28 23:18:37 +0300
@@ -1,8 +1,11 @@
 #%PAM-1.0
-auth     required      pam_tcb.so shadow fork prefix=3D$2a$ count=3D8 null=
ok
-account  required      pam_tcb.so shadow fork
-account  required      pam_mktemp.so
+auth     sufficient    pam_ldap.so
+auth     required      pam_tcb.so shadow fork prefix=3D$2a$ count=3D8 null=
ok try_first_pass
+account  sufficient    pam_ldap.so
+account  required      pam_tcb.so shadow fork try_first_pass
 password required      pam_passwdqc.so min=3Ddisabled,24,12,8,7 max=3D40 p=
assphrase=3D3 match=3D4 similar=3Ddeny random=3D42 enforce=3Dusers retry=3D3
-password required      pam_tcb.so use_authtok shadow fork prefix=3D$2a$ co=
unt=3D8 nullok write_to=3Dtcb
+password sufficient    pam_ldap.so
+password required      pam_tcb.so use_authtok shadow fork prefix=3D$2a$ co=
unt=3D8 write_to=3Dtcb
+session  required      pam_mkhomedir.so skel=3D/etc/skel/ umask=3D0077
 session  required      pam_tcb.so
 session  required      pam_limits.so

--=20
Regards,
Sir Raorn.

--MfFXiAuoTsnnDAfZ
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFFmkusVqT7+fkT8woRAo2SAJ9R2kP5EhPsvm6o820MnG2wjUPSbQCeJYyx
i6USPgDhm1TNA78wDCyvn68=
=WTxL
-----END PGP SIGNATURE-----

--MfFXiAuoTsnnDAfZ--