Re: AIX 5.3 LDAP PAM PrivilegeSeperation
From: Darren Tucker (dtucker_at_gate.dodgy.net.au)
Date: 11/27/05
- Previous message: Giorgio Corani: "issue with name resolution"
- In reply to: KS: "Re: AIX 5.3 LDAP PAM PrivilegeSeperation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 27 Nov 2005 10:59:08 GMT
On 2005-11-21, KS <khatirsaiyed@templeinland.com> wrote:
> Thanks Darren.
>
> By enabling privsep it works fine except password expiry warning
> messages are not displayed to the clients. Do we have a workaround to
> display warning message when running sshd in privsep enabled mode ?
>
> I'll also try rebuilding with suggested CFLAGS.
Further info: someone else reported the same problem with the native
pam_unix on AIX 5.3 (actually, pam_aix, which provides a shim between
PAM and AIX's native authentication system) and the suggested addition
to CFLAGS resolved it. I also confirmed this to also be the case for
AIX 5.2 (I hope the part about setting the flag causing problems on
AIX 5.2 was faulty memory on my part, and not behaviour that has change
in an OS patch).
>From the soon-to-be-released OpenSSH 4.3p1 and up, the #define will
be set automatically by configure. It's already in the snapshots:
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/snapshot/
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- Previous message: Giorgio Corani: "issue with name resolution"
- In reply to: KS: "Re: AIX 5.3 LDAP PAM PrivilegeSeperation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
