Code Monkey home page Code Monkey logo

Comments (5)

alandekok avatar alandekok commented on June 18, 2024

This configuration works on Cent 6,7 & 8, SLES 11, 12 and 15 SP4. With SLES 15SP5 my lecture file no longer displays.

Unfortunately I don't run SUSE and can't check this.

If it works everywhere else, then the problem is likely changes in the SUSE PAM system. There's nothing in the pam_radius_auth module about sudo, or displaying files.

from pam_radius.

chris-tepe-kr avatar chris-tepe-kr commented on June 18, 2024

Here is the package changes from SLES15 SP4 to SP5
SLE 15 SP5 Package Changes

  • pam-modules: 12.1-3.17 => 12.1-150000.5.3.2
  • pam: 0.8.16-1.1 => 0.8.16-150300.3.3.1
  • sudo: 1.9.9-150400.2.5 => 1.9.12p1-150500.5.1

from pam_radius.

chris-tepe-kr avatar chris-tepe-kr commented on June 18, 2024

Looking thru the SUDO change logs. in version 1.9.10
"The sudo lecture is now displayed immediately before the password prompt. As a result, sudo will no longer display the lecture unless the user needs to enter a password. Authentication methods that don't interact with the user via a terminal do not trigger the lecture."

Sudo 1.9.10

So why would the prompt option not display?

pam_radius_auth: _pam_parse: argv[0] = 'prompt=2FA'

from pam_radius.

alandekok avatar alandekok commented on June 18, 2024

As I said, this is an issue with the underlying PAM / OS. The pam_radius_auth code is the same across all platforms. if the behavior is different on one platform, then the issue is on that platform.

And also, I don't run SLES, so I have no way of debugging this. I'm not even sure how to start debugging it, as (again) the issue is in the underlying PAM / sudo / OS somewhere.

I don't see how I can make any changes to the pam_radius_auth module which will fix an issue with the underlying OS.

from pam_radius.

chris-tepe-kr avatar chris-tepe-kr commented on June 18, 2024

So the "prompt" option for pam_radius_auth.so module cannot be used to display a message such as "Waiting on 2FA" to the user unless they first prompted for their password when using this module with sudo authentication. I was using 2 factor as an authentication mechanism in lue of password when requesting elevated privileges via sudo access.

from pam_radius.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.