[cvsnt] Re: PAM Winbind linux cvsnt
Tony Hoyle
tony.hoyle at march-hare.com
Fri May 12 13:09:29 BST 2006
Unbehagen, Bret Earl (SD) wrote:
6. Created the /etc/cvsnt/PServer enabling the Repository options,
> LockServerLocal=0; Compat0_HideStatus=0,
> WinbindWapper=/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp,
> ServerName=<fqdn>
It's better to just copy the example file. I asume you didn't literally
type the commas etc.
LockServerLocal=0 is almost never used except for certain advanced
configurations (failover servers generally).
> Remotely I:
> $ CVSROOT=:pserver:<username>@<fqdn>:/<repo>
> $ cvs login
> Logging in to :pserver:<username>@<fqdn>:2401/<repo>
> CVS password:
> cvs login: authorization failed: server <fqdn> rejected access to
> /<repo> for user <username>
Hmm? Why go through all that if you are not using SSPI?
The Winbind wrapper *only* enables a limited SSPI server functaionality
on the cvsnt server (and even then I'm not sure I'd recommend it unless
you had no choice.. use Unix native authentication where you can).
PAM configuration is entirely separate, and is up to your admins to get
right (they probably already have done) - aside from copying a working
PAM configuration file to /etc/pam.d/cvsnt there really isn't anything
cvsnt specific to it at all.
Tony
More information about the cvsnt
mailing list