All
Estou tendo problemas em conseguir logar na minha estacao, ela esta configurada para trabalhar com o ldap e o pam.
Ate agora eu fiz o seguinte :
# # SERVIDOR ##########
$ aptitude install nfs-common nfs-user-server -y
$ vi /etc/ldap/ldap.conf
pam_filter objectclass=posixaccount
pam_login_attibute uid
pam_member_attribute gid
pam_password shadow$ vi /etc/exports
/home *(rw,root_squash,sync)$ mv /etc/pam.d/login /etc/pam.d/login.BACKUP
$ vi /etc/pam.d/login
auth required pam_nologin.so
auth sufficient pam_ldap.so
auth sufficient pam_unix.so shadow use_first_pass
auth required pam_deny.so
account sufficient pam_unix.so
account sufficient pam_ldap.so
account required pam_deny.so$ mv /etc/pam.d/passwd /etc/pam.d/passwd.BACKUP
$ vi /etc/pam.d/passwd
password sufficient pam_ldap.so$ mv /etc/pam.d/ssh /etc/pam.d/ssh.BACKUP
$ vi /etc/pam.d/ssh
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_unix_auth.so try_first_pass
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_unix_acct.so
password required /lib/security/pam_cracklib.so
password sufficient /lib/security/pam_ldap.so
password required /lib/security/pam_pwdb.so use_first_pass
session required /lib/security/pam_unix_session.so$ mv /etc/pam.d/su /etc/pam.d/su.BACKUP
$ vi /etc/pam.d/su
auth sufficient pam_rootok.so
auth sufficient pam_ldap.so
auth required pam_unix.so use_first_pass
account sufficient pam_ldap.so
account required pam_unix.so
session sufficient pam_ldap.so
session required pam_unix.so$ vi /etc/pam.d/gdm
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_unix.so shadow nullok
auth required /lib/security/pam_ldap.so use_first_pass
account sufficient /lib/security/pam_unix.so
account required /lib/security/pam_ldap.so use_first_pass
password required /lib/security/pam_cracklib.so
password sufficient /lib/security/pam_unix.so shadow nullok
use_authtok
password required /lib/security/pam_ldap.so use_first_pass
session required /lib/security/pam_unix.so
session optional /lib/security/pam_console.so$ mv /etc/pam_ldap.conf /etc/pam_ldap.conf.BACKUP
$ vi /etc/pam_ldap.conf
binddn cn=admin,dc=openware,dc=com,dc=br
bindpw SENHA_LDAP
rootbinddn cn=admin,dc=openware,dc=com,dc=br
pam_password SENHA_LDAP$ vi /etc/security/access.conf
+:ALL:ALL# # CLIENTE ##########
$ aptitude install slapd nfs-common nfs-user-server -y
$ aptitude install libnss-ldap libpam-ldap -y
# Carregando os modulos nfs e nfsd do kernel $ modprobe nfs $ modprobe nfsd
$ vi /etc/ldap/ldap.conf
host 192.168.1.3
base dc=openware,dc=com,dc=br
binddn cn=admin,dc=openware,dc=com,dc=br pam_filter objectclass=posixaccount
pam_login_attibute uid
pam_member_attribute gid
pam_password shadow$ mv /etc/pam.d/login /etc/pam.d/login.BACKUP
$ vi /etc/pam.d/login
auth required pam_nologin.so
auth sufficient pam_ldap.so
auth sufficient pam_unix.so shadow use_first_pass
auth required pam_deny.so
account sufficient pam_unix.so
account sufficient pam_ldap.so
account required pam_deny.so$ mv /etc/pam.d/passwd /etc/pam.d/passwd.BACKUP
$ vi /etc/pam.d/passwd
password sufficient pam_ldap.so$ mv /etc/pam.d/ssh /etc/pam.d/ssh.BACKUP
$ vi /etc/pam.d/ssh
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_unix_auth.so try_first_pass
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_unix_acct.so
password required /lib/security/pam_cracklib.so
password sufficient /lib/security/pam_ldap.so
password required /lib/security/pam_pwdb.so use_first_pass
session required /lib/security/pam_unix_session.so$ mv /etc/pam.d/su /etc/pam.d/su.BACKUP
$ vi /etc/pam.d/su
auth sufficient pam_rootok.so
auth sufficient pam_ldap.so
auth required pam_unix.so use_first_pass
account sufficient pam_ldap.so
account required pam_unix.so
session sufficient pam_ldap.so
session required pam_unix.so$ mv /etc/pam.d/gdm /etc/pam.d/gdm.BACKUP
$ vi /etc/pam.d/gdm
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_unix.so shadow nullok
auth required /lib/security/pam_ldap.so use_first_pass
account sufficient /lib/security/pam_unix.so
account required /lib/security/pam_ldap.so use_first_pass
password required /lib/security/pam_cracklib.so
password sufficient /lib/security/pam_unix.so shadow nullok
use_authtok
password required /lib/security/pam_ldap.so use_first_pass
session required /lib/security/pam_unix.so
session optional /lib/security/pam_console.so$ mv /etc/pam_ldap.conf /etc/pam_ldap.conf.BACKUP
$ vi /etc/pam_ldap.conf
binddn cn=admin,dc=openware,dc=com,dc=br
bindpw SENHA_LDAP
rootbinddn cn=admin,dc=openware,dc=com,dc=br
pam_password SENHA_LDAP$ vi /etc/security/access.conf
+:ALL:ALL$ vi /etc/fstab
192.168.1.3:/home /home nfs defaults,users 0 0$ vi /etc/nsswitch.conf
passwd: files ldap
group: files ldap
shadow: files ldap� alguma coisa que eu estou esqucendo de fazer. O interessante � que no console eu n�o consigo logar como root, mas atrav�s do gdm eu consigo. Outra coisa que eu notei � que eu consigo logar como root via ssh
---------------------------------------------------------------------------
Esta lista � patrocinada pela Conectiva S.A. Visite http://www.conectiva.com.br
Arquivo: http://bazar2.conectiva.com.br/mailman/listinfo/linux-br Regras de utiliza��o da lista: http://linux-br.conectiva.com.br FAQ: http://www.zago.eti.br/menu.html
