You are not logged in.

#1 2018-12-03 09:52:25

vieri
Member
Registered: 2018-12-03
Posts: 14

samba + pam + winbind

Hi,

I'm new to Arch Linux, and I come from Gentoo.

On the latter, I use a custom ebuild that:

1) installs ${SAMBA_SOURCE_CODE}/examples/pam_winbind/pam_winbind.conf to /etc/security/

2) installs a file called system-auth-winbind to /etc/pam.d/ which content is:

auth        required      pam_env.so
auth        sufficient    pam_winbind.so
auth        sufficient    pam_unix.so likeauth nullok use_first_pass
auth        required      pam_deny.so

account     sufficient    pam_winbind.so
account     required      pam_unix.so

password    required      pam_cracklib.so retry=3
password    sufficient    pam_unix.so nullok use_authtok md5 shadow
password    required      pam_deny.so

session     required      pam_mkhomedir.so skel=/etc/skel/ umask=0077
session     required      pam_limits.so
session     required      pam_unix.so

The above steps allow me then to easily decide which service can use winbind authentication.
For instance, I can allow sshd tu use it:

/etc/pam.d/sshd:
auth       include      system-auth-winbind
account    include      system-auth-winbind
password   include      system-auth-winbind
session    include      system-auth-winbind

The Arch Linux package manager doesn't seem to include this.
Can it be added?

Offline

Board footer

Powered by FluxBB