[687] in RedHat Linux List
Re: Strange problem with PAM and .rhosts
daemon@ATHENA.MIT.EDU (Klaus Tilk)
Thu Oct 24 06:47:52 1996
To: redhat-list@redhat.com
In-reply-to: Your message of "Tue, 22 Oct 1996 10:33:08 EDT."
<Pine.LNX.3.95.961022103005.10944A-100000@helix.cs.cuc.edu>
Date: Thu, 24 Oct 1996 12:45:56 +0200
From: Klaus Tilk <tilk@atbode42.informatik.tu-muenchen.de>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
On 22 Oct 1996 Elliot Lee wrote:
> I'm guessing that the NFS client can't read the ~user/.rhosts because
> root_squash is on (which it should be) so root on the client becomes
> nobody on the server as far as NFS is concerned, and the ~user/.rhosts is
> not world readable (which is also correct).
right and wrong imho
1) here we have a very heterogeneous lan
aix, irix, sunos, solaris, hpux and linux
until now everything worked fine except under hpux (no comment)
with the following permissions
-rw------- 1 tilk 287 Oct 21 15:17 .rhosts
home is imported via nfs
2) looking at the sources for Linux-PAM-0.50/modules/pam_rhosts/pam_rhosts_auth.c
you will see
    /*
     * Change effective uid while opening .rhosts. If root and
     * reading an NFS mounted file system, can't read files that
     * are protected read/write owner only.
     */
    uid = geteuid();
    (void)seteuid(pwd->pw_uid);
    hostf = fopen(pbuf, "r");
    (void)seteuid(uid);
the right way i think
but as Magnus Hammerin wrote on 22 Oct 1996 :
> I have a problem that is probably NFS related. If I try to logon from
> one machine to another I have to enter the password even though the
> machine is listed in the .rhosts file. If I cat my .rhosts file (which
> resides on a NFS mounted filesystem) on the host I try to logon to. I
> can logon without giving a password, as it should be.
> It seems like the pam module doesn't find anything in the file if it is
> not in the filebuffer, if the filesystem is NFS mounted. If I try the
> same with a local filesystem, it works fine.
same here
3) we wanted to use redhat 4.0 for our linux installations, but
the above problem forced us to use debian instead
btw who decided to use PAM ? i've seen it anywhere else
4) until now there seems to be no working solution for redhat , am i right ?
klaus
------
Klaus Tilk | phone: +49-89-2105-8257
Technische Universitaet Muenchen | fax : +49-89-2105-8232
Institut fuer Informatik |
Arcisstrasse 21 | email:
80290 Muenchen Germany | tilk@informatik.tu-muenchen.de
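
Added example (not part of the original message and not Linux-PAM's code): the seteuid()-around-fopen() pattern from the excerpt quoted in the message, with the seteuid() results checked and the opened file verified through fstat() on its descriptor. The function name open_as_user and the owner/mode policy are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Open `path` read-only with the effective uid of `owner` (hypothetical
 * helper). On an NFS client whose server uses root_squash, root is mapped
 * to nobody and cannot read a mode-0600 file, so the open has to happen
 * under the file owner's uid. Returns NULL with errno set on failure.
 */
FILE *open_as_user(const char *path, uid_t owner)
{
    uid_t saved = geteuid();
    struct stat st;
    FILE *fp;
    int err = 0;

    /* Do not ignore the result: if the switch fails, do not open at all. */
    if (seteuid(owner) != 0)
        return NULL;

    fp = fopen(path, "r");
    if (fp == NULL)
        err = errno;

    /* Switch back first; a failure here leaves the process with the
     * wrong identity and must be treated as an error, not discarded. */
    if (seteuid(saved) != 0) {
        err = errno;
        if (fp != NULL)
            fclose(fp);
        errno = err;
        return NULL;
    }
    if (fp == NULL) {
        errno = err;
        return NULL;
    }

    /* Assumed policy: regular file, owned by `owner`, not writable by
     * group or others. fstat() checks the file that was actually opened. */
    if (fstat(fileno(fp), &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != owner || (st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
        fclose(fp);
        errno = EACCES;
        return NULL;
    }
    return fp;
}
```
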