I create this simple patch for pam_access; so you can specify a diferent
access.conf file for every service (Or the default
/etc/security/access.conf, if not specified). For ex:
/etc/pam.d/sshd
#specify accessfile
account required /lib/security/pam_access.so accessfile=/etc/security/access.sshd.conf
/etc/pam.d/login
#default accessfile
account required /lib/security/pam_access.so
This permits ftp and/or pop (I use cucipop because imap doesn't set
PAM_RHOST) access but not telnet for some folks, or telnet for them for
just some hosts, etc... well, there are millions of configurations.
All is very elegant and even sshd supports pam...
I think its a useful and necesary (and crucial for me :-) feature, so I
would like it to be included in the next release of pam.
This patch is as simple as unparanoic, maybe some audit is necessary.
Aldrin.
_______________________________________________
Pam-list mailing list
Pam-...@redhat.com
https://listman.redhat.com/mailman/listinfo/pam-list