Local (system) account creation

classic Classic list List threaded Threaded
3 messages Options
| Threaded
Open this post in threaded view
|

Local (system) account creation

Haydur
Hi there,

Is there a way to have remote FreeRadius only authentication on a
Linux box, and if successful, creation of a system / local account for
that user.

Thanks,
Neod

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Local (system) account creation

Alan DeKok
Haydur <[hidden email]> wrote:
> Is there a way to have remote FreeRadius only authentication on a
> Linux box, and if successful, creation of a system / local account for
> that user.

  Not really.  There's pam_radius_auth, but that's only for usernames
& passwors, as I could never figure out the PAM magic required to do
UID, etc.

  Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Local (system) account creation

Haydur
In reply to this post by Haydur
Ok, so from what I've learnt it's not possible to create accounts via
pam_radius_auth if they don't exist on the system. How about this?

Is it possible to use pam_radius_auth only authentication with
"login", and if the user does not exist in the local password file, a
default dummy account is used?

How would I do that?

I have tried modifying the login PAM configuration file, but although
the authentication succeeds, the system gives me errors like "session
setup problem, abort" or "user not known to underlying authentication
module" and reloads the login application. How can I fix that?

On 6/20/05, Alan DeKok <[hidden email]> wrote:

> Haydur <[hidden email]> wrote:
> > Is there a way to have remote FreeRadius only authentication on a
> > Linux box, and if successful, creation of a system / local account for
> > that user.
>
>   Not really.  There's pam_radius_auth, but that's only for usernames
> & passwors, as I could never figure out the PAM magic required to do
> UID, etc.
>
>   Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> ROUTING / This message may be Spam/Junk - Diese Email wird als Spam/Junk EMail eingestuft. Falls Sie diese Email nicht mehr erhalten moechten,  erstellen Sie bitte eine Regel in Ihrem Mailclient, die diese Email automatisch loescht oder verschiebt (http:/
> /www.schnell-im-netz.de/spam).
>
>


--

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html