Releases

Current version
Git/Latestdiff: 1.5.6

Latest Snapshots
Produced after each commit or rebase to new upstream version

GIT
RSBAC source code, can be unstable sometimes

Events

No events planned

Back to igraltist's experiences

UM on Gentoo Linux

System preparation

The description below take the case to only use authenticate against rsbac.
Read this howto handbook user-managment and migrating users and groups to rsbac management.

The point 9. is valid for a Debian system. On a Gentoo is the main file to edit '/etc/pam.d/system-auth'.

Content from /etc/pam.d/system-auth

auth		required	pam_env.so 
auth		required	pam_unix.so try_first_pass likeauth nullok 
auth		optional	pam_permit.so
 
account		required	pam_unix.so 
account		optional	pam_permit.so
 
password	required	pam_cracklib.so difok=2 minlen=8 dcredit=2 credit=2 retry=3 
password	required	pam_unix.so try_first_pass use_authtok nullok sha512 shadow 
password	optional	pam_permit.so
 
session		required	pam_limits.so 
session		required	pam_env.so 
session		required	pam_unix.so 
session		optional	pam_permit.so

To activate the UM, replace all pam_unix.so with pam_rsbac.so.
Attention this should only done when all task for migration are done before.

The follow content allow only to authenticate against rsbac.

auth		required	pam_env.so 
auth          required    pam_rsbac.so
auth		optional	pam_permit.so
 
account     required    pam_rsbac.so 
account	optional	pam_permit.so
 
 
password	required	pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 
password   required    pam_rsbac.so
password	optional	pam_permit.so
 
session	required	pam_limits.so 
session	required	pam_env.so 
session      required    pam_rsbac.so
session	optional	pam_permit.so

To fully switch to RSBAC UM read Switch over.

//