To test the results, a configuration file must be created. This file will be removed after the tests have completed. Ensure there are no errors produced by the tests before continuing the installation. First create the configuration file by issuing the following commands as the root user:
My notes: above it says to create the test config file and after the test the file will be removed. Below you create the file and a directory that will be used later. (or not if you want to go the other way) install -v -m755 -d /etc/pam.d && cat > /etc/pam.d/other << "EOF" auth required pam_deny.so account required pam_deny.so password required pam_deny.so session required pam_deny.so EOF Now run the tests by issuing make check. Remove the configuration file created earlier by issuing the following command as the root user: rm -rfv /etc/pam.d My notes: The step above removes the directory. My notes: now you get to the configuration after the install and have to put the directory and other file back. Configuring Linux-PAM Config Files /etc/security/* and /etc/pam.d/* or /etc/pam.conf Configuration Information why not just skip the entire rm step above and just overwrite the other file you created earlier. also later in the shadow config steps you over write the other file again. Step from shadow Other Currently, /etc/pam.d/other is configured to allow anyone with an account on the machine to use PAM-aware programs without a configuration file for that program. After testing Linux-PAM for proper configuration, install a more restrictive other file so that program-specific configuration files are required: cat > /etc/pam.d/other << "EOF" # Begin /etc/pam.d/other auth required pam_deny.so auth required pam_warn.so account required pam_deny.so account required pam_warn.so password required pam_deny.so password required pam_warn.so session required pam_deny.so session required pam_warn.so # End /etc/pam.d/other EOF -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
