[tac_plus] PAM and LDAP with non-root user

john heasley heas at shrubbery.net
Fri Nov 12 00:58:02 UTC 2010


Thu, Nov 11, 2010 at 04:40:03PM -0600, Ben Wiechman:
> Various threads document that when using PAM for authentication the tac_plus
> has to run as root due to requirements of the pam_unix.so module. Those
> threads maybe indicate that if LDAP was used the server could run as a
> non-root user. Is it possible to integrate with LDAP using PAM and run
> tac_plus as a non-root user or am I interpreting those threads incorrectly?

that should be correct, though may be implementation-dependent.  as long as
the pam modules dont need to access a protected file or other protected
resource, it should work.


More information about the tac_plus mailing list