问题
I am using this module to authenticate using pam: http://code.google.com/p/web2py/source/browse/gluon/contrib/pam.py
I can call authenticate('username','password') and it returns True/ False. It works for any 'username' but 'root'. My guess is that there is a security restriction in PAM that does not allow to check for the root password.
I need to be able to check the root password. Is there anything I can change in the pam.conf or somewhere else to remove this restriction?
回答1:
I found the answer to your question, the problem is in the default service.
when you call the function authenticate('username','password') make sure you pass an appropriate service too. like authenticate('username','password', 'passwd') or you can add your custom configuration under /etc/pam.d/
here is an example from the webmin project
#%PAM-1.0
auth required pam_unix.so nullok
account required pam_unix.so
session required pam_unix.so
write the previous lines on a file under /etc/pam.d/ and call it 'myconfig' for example, then pass it's name to the function, and it'll work (it did for me) :D
回答2:
I had the same issue root was not getting authenticated. here is the fix
If you use the service 'login' it wont work for root. use,
#authenticate('username','password',service='system-auth')
回答3:
You could use sshd configuration if its a system with ssh server running and should work for root.
authenticate('root','password',service='sshd')
来源:https://stackoverflow.com/questions/2746932/pam-authentication-problem