Allow configuration of "listsep" #163
Comments
|
You can specify these by using your own *_auth_lines parameters. The module does not support smartcard and fingerprint, though I'm guessing those are really just symlinked to something else like system-auth. What platform are you on? Can you confirm if the files above are symlinks or have the same content as system-auth or another -auth-ac file? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Because we use sssd to authenticate against AD and because AD allows groups with spaces in the name, in our environment we have to configure pam to use "listsep=," for "pam_access.so" entries in
fingerprint-auth-ac
password-auth-ac
smartcard-auth-ac
system-auth-ac
For example:
account required pam_access.so listsep=,
And then in access.conf, we configure the list of locations separated with commas:
For example:
I've "worked around it" via brute force by customizing the templates in my own copy of your module such that it ONLY supports using "listsep=," however it would be great (and likely useful for others) if this module supported doing that properly.
The text was updated successfully, but these errors were encountered: