Project

General

Profile

Bug #40672

Write out pam configuration files in /etc/pam.d/ if they don't already exist

Added by John Hixson 12 months ago. Updated 11 months ago.

Status:
Done
Priority:
No priority
Assignee:
John Hixson
Category:
OS
Target version:
Seen in:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
No
Needs Doc:
No
Needs Merging:
No
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

root@catherder:/etc/pam.d # midclt call etc.generate pam
null
root@catherder:/etc/pam.d # ls -l
total 60
-rw-r--r--  1 root  wheel   312 Jul  9 14:24 atrun
-rw-r--r--  1 root  wheel   189 Jul  9 14:24 cron
-rw-r--r--  1 root  wheel   724 Jul  9 14:29 ftp
-rw-r--r--  1 root  wheel   724 Jul  9 14:29 ftpd
-rw-r--r--  1 root  wheel   355 Jul  9 14:24 imap
-rw-r--r--  1 root  wheel   516 Jul  9 14:29 login
-rw-r--r--  1 root  wheel   661 Jul  9 14:24 other
-rw-r--r--  1 root  wheel   308 Jul  9 14:24 passwd
-rw-r--r--  1 root  wheel   355 Jul  9 14:24 pop3
-r--r--r--  1 root  wheel  2898 Jul  9 14:24 README
-rw-r--r--  1 root  wheel  1005 Jul  9 14:29 sshd
-rw-r--r--  1 root  wheel   545 Jul  9 14:29 su
-rw-r--r--  1 root  wheel   704 Jul  9 14:24 system
-rw-r--r--  1 root  wheel   754 Jul  9 14:24 telnetd
-rw-r--r--  1 root  wheel   519 Jul  9 14:24 xdm

In above output netatalk is missing. Touch file and re-run.

root@catherder:/etc/pam.d # touch netatalk
root@catherder:/etc/pam.d # midclt call etc.generate pam
null
root@catherder:/etc/pam.d # cat netatalk
#
# PAM configuration for the "netatalk" service
#

# auth
auth        sufficient    pam_opie.so        no_warn no_fake_prompts
auth        requisite    pam_opieaccess.so    no_warn allow_local
auth        sufficient    /usr/local/lib/pam_sss.so    ignore_authinfo_unavail quiet
#auth        sufficient    pam_krb5.so        no_warn
#auth        sufficient    pam_ssh.so        no_warn try_first_pass
auth        required    pam_unix.so        no_warn try_first_pass

# account
account        required    pam_nologin.so
account        sufficient    /usr/local/lib/pam_sss.so    ignore_authinfo_unavail quiet
#account    required    pam_krb5.so
account        required    pam_unix.so

# session
session        required    pam_permit.so
session        required    /usr/local/lib/pam_mkhomedir.so

# password
#password    sufficient    pam_krb5.so        no_warn try_first_pass
password    sufficient    /usr/local/lib/pam_sss.so    use_authtok quiet
password    required    pam_unix.so        no_warn try_first_pass

This is also the case for other missing pam files.


Related issues

Related to FreeNAS - Bug #40720: Replace (nss|pam)_ldap with nss-pam-ldapdDone
Copied from FreeNAS - Bug #37138: Write out pam configuration files in /etc/pam.d/ if they don't already existDone

Associated revisions

Revision b00558f9 (diff)
Added by John Hixson 12 months ago

Write out files if they don't exist

Ticket: #37138
(cherry picked from commit 53a974326c98cac536c0430124cdb1fc0e4223c4)

(11.1-stable)
Ticket: #40672

Revision 8f2b249a (diff)
Added by John Hixson 12 months ago

Mark changes on newly created files

(cherry picked from commit ad78bca3aa93c413b8c14a15c916a815545a65e3)

(11.1-stable)
Ticket: #40672

History

#1 Updated by John Hixson 12 months ago

  • Copied from Bug #37138: Write out pam configuration files in /etc/pam.d/ if they don't already exist added

#2 Updated by John Hixson 12 months ago

#3 Updated by Dru Lavigne 11 months ago

  • Related to Bug #40720: Replace (nss|pam)_ldap with nss-pam-ldapd added

#5 Updated by Dru Lavigne 11 months ago

  • Status changed from Unscreened to Ready for Testing
  • Needs QA changed from No to Yes

#6 Updated by Bonnie Follweiler 11 months ago

  • Status changed from Ready for Testing to Passed Testing
  • Needs QA changed from Yes to No

Test Passed in FreeNAS-11.1-U6-INTERNAL4

#7 Updated by Dru Lavigne 11 months ago

  • Status changed from Passed Testing to Done

Also available in: Atom PDF