Highlighted
Flight Engineer Flight Engineer
Flight Engineer
  • 345 Views

Bypass /etc/nogin with specific user(s)

Anyone know if there is a way to specify a specific user, or users (a group?), allow access either via ssh or at console when there is a /etc/nogin file present?

I found a thread online that mentions adding the following line to /etc/pam.d/login just before the 'account required pam_nologin.so' line:

account [success=1 default=ignore] pam_succeed_if.so quiet user ingroup group

I've tested this and it's not working for me. I'm testing this in CentOS 7.

Labels (2)
0 Kudos
1 Reply
Highlighted
Mission Specialist
Mission Specialist
  • 248 Views

Re: Bypass /etc/nogin with specific user(s)

I'm no expert here, but I thought all PAM config must have a verb e.g. requsite, sufficient etc - and sounds like you would want sufficient i.e. let the person through without asking any furhter checks

e.g.

auth required pam_succeed_if.so quiet user ingroup groupname

 

0 Kudos
Reply
Loading...
Join the discussion
You must log in to join this conversation.