PAM Module Patch and Feature
David Mitchell
mitchell at ucar.edu
Thu Mar 22 23:27:44 CET 2007
David Mitchell wrote:
> Frank Cusack wrote:
>> On March 22, 2007 10:28:36 AM -0700 Frank Cusack <fcusack at fcusack.com>
>> wrote:
>>> The ruser feature has been commited. Alan, could you roll up a new
>>> release? -frank
>> Actually, hold off on that. I have another change I've been working on
>> for awhile that I'd like to commit.
>
> I would actually like to do a little more testing as well before it's
> committed. I get very different behavior in 'su' versus 'sudo' which I
> want to understand better. I think it's something with the clients and
> not the PAM modules. Either way, I want to make sure I understand it in
> case it's something my patch is doing.
I think I figured out the source for the 'odd' behavior I was seeing. In
a nutshell, my timeout on the PAM module side was shorter than the delay
imposed by the freeradius server for bad passwords. I need to play
around more and find out what a 'safe' value is. Do you happen to know
where in the freeradius/otpd/lsmd chain the bad password delay is being
imposed? I can probably find it, but I'm guessing that you know.
-David
>
> -David
>
>> -frank
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
>
>
--
-----------------------------------------------------------------
| David Mitchell (mitchell at ucar.edu) Network Engineer IV |
| Tel: (303) 497-1845 National Center for |
| FAX: (303) 497-1818 Atmospheric Research |
-----------------------------------------------------------------
More information about the Freeradius-Devel
mailing list