Версия Linux-PAM-1.0.3.
diff -ru Linux-PAM.orig/modules/pam_group/pam_group.c Linux-PAM/modules/pam_group/pam_group.c --- Linux-PAM.orig/modules/pam_group/pam_group.c 2009-05-14 12:52:23.000000000 +0400 +++ Linux-PAM/modules/pam_group/pam_group.c 2009-05-14 12:53:55.000000000 +0400 @@ -657,9 +657,12 @@ "%s: no user entry #%d", PAM_GROUP_CONF, count); continue; } + /* If buffer starts with %, we are using unix groups */ + if (buffer[1] == '%') + good &= pam_modutil_user_in_group_nam_nam (pamh, user, &buffer[2]); /* If buffer starts with @, we are using netgroups */ - if (buffer[0] == '@') - good &= innetgr (&buffer[1], NULL, user, NULL); + else if (buffer[1] == '@') + good &= innetgr (&buffer[2], NULL, user, NULL); else good &= logic_field(pamh,user, buffer, count, is_same); D(("with user: %s", good ? "passes":"fails" ));
После этого в файле /etc/security/group.conf можно использовать следующую запись:
*; *; %users; Al0000-2400; disk, floppy, audio, cdrom, dialout, video, games, cdrw, usb, plugdev
Дискуссия