- 论坛徽章:
- 0
|
配置了pam_smb_auth.so用于用户鉴权,同时由于域用户和本机用户名不一致需要使用用户映射(usermap)功能(从pam_smb-2.0.0-rc6后提供),telnet可以,但是ftp不行,使用的vsftpd,从网上下了vsftpd-2.0.3,编译后重启vsftpd还是不行。看了下vsftpd和pam_smb源码,原来pam_smb通过msgq将映射后的用户名重新通过pam_set_item函数放入了PAM结构中,而vsftpd没有去使用。接下来就好办了,通过修改vsftpd调用pam_get_item后问题解决。
![]()
文件:vsftpd-2.0.3.zip
大小:18KB
下载:
下载
Purpose :
Get mapped username from pam_sam_auth( username mapping supported by pam_smb-2.0.0-rc6 or greater )
Modified Files:
postlogin.c: //added by lyc
postlogin.c: //added by lyc end
postlogin.c: // by lyc --vsf_cmdio_write(p_sess, FTP_LOGINOK, "Login successful.");
postlogin.c: vsf_cmdio_write(p_sess, FTP_LOGINOK, str_getbuf(&ok_resp)); // added by lyc-
sysdeputil.c:// added by lyc
sysdeputil.c:// added by lyc end
sysdeputil.c:// added by lyc
sysdeputil.c:// added by lyc end
BTW, sufficient control type just ignores the rest control type on Solaris PAM. So, if you feel a module is sufficient, put it ahead the requires. The login program uses other as its PAM service name on Solaris.
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u/13045/showart_67592.html |
|
免费注册
发表于 2006-01-13 13:54