Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

PAM on Ubuntu

Posted on 2009-06-29
11
Medium Priority
?
446 Views
Last Modified: 2013-12-16
Dear Experts,

Does anyone here know how to use PAM on Ubuntu 8.04 to set permissions?  Apparently it is better to use PAM.  I have a shared computer and want to stop users looking at other users folders, settings, and temporary files.

Please help.
0
Comment
Question by:narmi2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
11 Comments
 
LVL 29

Expert Comment

by:fosiul01
ID: 24734445
this is the first time, i heard to use pam to restrict share from user!!

may be there is a way but i dont know ..

but why dont you use  , linux permission for that ??

if you can define accurate permission for user, groups and insert user into those groups, your pupose would be solved

have you tryed with that ??
0
 
LVL 12

Expert Comment

by:Let_Me_Be
ID: 24734453
You seem to be a bit confused. PAM is authentication pluggable tool not a tool to set permissions. What you are looking for is probably ACL (although the actual need to use ACLs is very rare, 99% cases can be solved with simple Unix access rights).
0
 
LVL 1

Author Comment

by:narmi2
ID: 24734881
According to the documentation in login.defs, I do want to use PAM

# UMASK usage is discouraged because it catches only some classes of user
# entries to system, in fact only those made through login(1), while setting
# umask in shell rc file will catch also logins through su, cron, ssh etc.
#
# At the same time, using shell rc to set umask won't catch entries which use
# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
# user and alike.
#
# Therefore the use of pam_umask is recommended as the solution which
# catches all these cases on PAM-enabled systems.
#
# This avoids the confusion created by having the umask set
# in two different places -- in login.defs and shell rc files (i.e.
# /etc/profile).
0
PowerShell Core for Advanced Linux Administrators

Understand advanced principals around Powershell Core with a focus on the Linux Administrator.  This course covers how to administer numerous environments across multiple platforms including Linux, Azure, AWS, and Google Cloud from a single shell instance.

 
LVL 29

Expert Comment

by:fosiul01
ID: 24734900
from bellow, which line  makes you think that pum can crontall share ??

------------
According to the documentation in login.defs, I do want to use PAM

# UMASK usage is discouraged because it catches only some classes of user
# entries to system, in fact only those made through login(1), while setting
# umask in shell rc file will catch also logins through su, cron, ssh etc.
#
# At the same time, using shell rc to set umask won't catch entries which use
# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
# user and alike.
#
# Therefore the use of pam_umask is recommended as the solution which
# catches all these cases on PAM-enabled systems.
#
# This avoids the confusion created by having the umask set
# in two different places -- in login.defs and shell rc files (i.e.
# /etc/profile).


are you thiking of umask ??
0
 
LVL 1

Author Comment

by:narmi2
ID: 24734910
This whole thread makes me think I should be using PAM:

http://forums.debian.net/viewtopic.php?f=10&t=33979
0
 
LVL 12

Expert Comment

by:Let_Me_Be
ID: 24734939
Could you explain what you actually need help with? You don't know how to switch to PAM or you need help with UMASK?
0
 
LVL 1

Author Comment

by:narmi2
ID: 24734977
According to the link above, you can centerally set umask using pam.  but when I try to install pam i.e. libpam_umask, it wants to remove the kernel from ubuntu.

So basically, I need help with setting up and installing pam in general.
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24734980
Ok so its about umask, its nothign to do with pam

if you read that article, you will see, there is some section, tis said to use chmod command to restrict control

if you want to know about umask

http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html

umask, is suppose , if you want want a system that , when a user will create a directory or file, it will be automaticaly set a certain permission, then you can setup umask . so it will apply with every file and directory

read that
0
 
LVL 1

Author Comment

by:narmi2
ID: 24734996
yes, but according to that article, it seems you cannot set umask centerally without pam.  without pam you have to make changes in more than one config file.
0
 
LVL 29

Accepted Solution

by:
fosiul01 earned 2000 total points
ID: 24735031
hmm
read the last bit

http://muzso.hu/2008/01/22/default-permissions-with-libpam-umask

Ok, now I got to use this in Hardy too. Smiling Found the problem: libpam_umask is no longer necessary since the required module is now in the libpam-modules package.


i dont use debain, so need to google it
0
 
LVL 1

Author Comment

by:narmi2
ID: 24735101
yes, that is the problem i am having, it wants to remove the whole system...  ok so now I know it's in libpam_modules, I will try installing that and see if I can set umask centerally.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

1. Introduction As many people are interested in Linux but not as many are interested or knowledgeable (enough) to install Linux on their system, here is a safe way to try out Linux on your existing (Windows) system. The idea is that you insta…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question