>You can run the server as root or as some other user. In order to use PAM >(Pluggable Authentication Module) it has to run as root. A general comment about PAM rather than this specific problem. It is NOT a requirement of the PAM framework that application be running as root. There are two cases though that make login type applications need to run as root. 1) The password is stored in /etc/shadow which only root can read If the password was in NIS/NIS+/LDAP then the authentication could succeed are an ordinary user. 2) the login application needs to make setuid/setgid calls this usually happens in the application after PAM authentication has been completed and is thus nothing to do with PAM. If the OS has privileges/capabilities then the application would assert PROC_SETID/CAP_SETID instead of being root to make the setuid/setgid calls. -- Darren J Moffat This posting is my own opinion and does not constitute official support from Sun Microsystems Inc.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:07:36 PDT