Re: Quick Question


Subject: Re: Quick Question
From: Chris Harwell (charwell@digitalpulp.com)
Date: Fri Mar 09 2001 - 11:34:34 EST


On Fri, 9 Mar 2001, Matthew Geier wrote:
> I have found with RH7 that the users Unix passwords HAVE to be less
> than 8 characters, the standard Appleshare pasword lenght. The MD5
> password hash is signficant to ALL characters of a password unlike the
> old crypt system that ignored any thing after 8 characters. So users
> with longer passwords can't login as they can't type it all in.
>
> I think the problem exists with DHX as well, as something still expects
> to need only 8 characters of the password...

ummmmm.....

having more than 8 character password for dhx login + MD5 + shadow
+redhat-7.0 works for me.

here is my config:

netatalk-1.5pre3-1mdk
Linux 2.4.0 #2 Fri Jan 19 14:36:46 EST 2001 i686 unknown
redhat 7.0 + updates

cat /etc/pam.d/netatalk

#%PAM-1.0
auth required /lib/security/pam_pwdb.so shadow
account required /lib/security/pam_pwdb.so
#password required /lib/security/pam_cracklib.so
#password required /lib/security/pam_pwdb.so shadow use_authtok
session required /lib/security/pam_pwdb.so

cat /etc/pam.d/system-auth

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth sufficient /lib/security/pam_unix.so likeauth nullok md5
shadow
auth required /lib/security/pam_deny.so
account sufficient /lib/security/pam_unix.so
account required /lib/security/pam_deny.so
password required /lib/security/pam_cracklib.so retry=3
password sufficient /lib/security/pam_unix.so nullok use_authtok md5
shadow
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so

and from /etc/atalk/afpd.conf:

 -uamlist uams_dhx.so

which looks to /etc/atalk/uams/uams_dhx.so
- actually a link: uams_dhx.so -> uams_dhx_pam.so

i've made no pam changes and configured MD5 and shadow at install time (i
think this could be done post-install through authconfig?)

of course, i'm still sorting through other (possible netatlk related)
problems - claims of dissapearing folders (which i haven't managed to
verify yet) and those afpd /var/log/messages others are seeing:

afpd[15313]: setdirowner: chown -1/0 .AppleDouble/.Parent: Operation not permitted
afpd[18245]: setdirowner: chown 16777216/-1 .AppleDouble/.Parent: Operation not permitted
afpd[18245]: setdirowner: chown 16777216/-1 .AppleDouble: Operation not permitted
afpd[18245]: setdirowner: chown 16777216/-1 .: Operation not permitted
afpd[18245]: setdirowner: chown -1/0 .AppleDouble/.Parent: Operat

which i've been assuming just means i don't have file/dir ownerships,
groups and g+s all working happily together.

anyway, long passwords work fine for me - what's different?

-- 
chris
charwell@digitalpulp.com



This archive was generated by hypermail 2b28 : Sun Oct 14 2001 - 03:04:34 EDT