From 613f1949208809a116bd1b3737e39a1599bf7d43 Mon Sep 17 00:00:00 2001 From: Dave Olson Date: Fri, 13 Apr 2018 01:04:39 -0700 Subject: Changes and cleanups around the privileged user. Ticket: CM-19457 Reviewed By: nobody Testing Done: lots of logins, and login combinations Validate that the mapuser database files are valid by using kill 0 on the pids. If not valid, try to unlink, and if we do, report it as a DEBUG. If we can't unlink (not root) report that we are skipping at INFO. As part of that, don't count valid fields and read entire file. Document in man page and config file that the mapped_priv_user account is known to libpam-radius-auth as well, and must be updated in both places if it changes. Updated the public symbols (the getgr additions) from previous commit Fixed some white space and line length issues. --- nss_mapuser.5 | 3 +++ 1 file changed, 3 insertions(+) (limited to 'nss_mapuser.5') diff --git a/nss_mapuser.5 b/nss_mapuser.5 index 6e63138..92aff16 100644 --- a/nss_mapuser.5 +++ b/nss_mapuser.5 @@ -45,6 +45,9 @@ When a uid or name match is found, this account information is read from .I /etc/passwd and used as a template for the matching account. The default at installation is .BR radius_priv_user . +It must match the privileged account name in +.IR pam_radius_auth (5) +for correct operation. .TP .I mapped_user=NAME This is the local account used as a template for unprivileged logins -- cgit v1.2.3