¡¾ÇóÖú¡¿·þÎñÆ÷ÔçÉϳöÏÖһϵÁÐÎÊÌâ,½ô¼±ÇóÖú
ÉÏ°à·¢ÏÖ·þÎñÆ÷µÄÓʼþ·þÎñûÓÐÆô¶¯,»³ÒÉÊDZ»ÖØÆô¹ýÁËÓм¸¸öµØ·½Òì³£µÄ:
1, ²»ÄܼǼÈÕÖ¾, /var/log/messages ºÍ /var/log/secure ¶¼ÊÇ×òÌìÒÔÇ°µÄ¼Ç¼,½ñÌìµÄ¼Ç¼ûÓÐ
2, ²»ÄÜÐÞ¸ÄÃÜÂë, ÐÞ¸ÄrootÃÜÂëʱ,³öÏÖ:passwd: Authentication failureµÄÌáʾ,ÐÞ¸ÄÆäËûÓû§ÃÜÂëʱ,³öÏÖpasswd: Authentication token manipulation error
СµÜ¾ÑéÉÐdz,Íû¸÷λÅóÓÑ°ïæ²ÎÏêÒ»ÏÂ,ÊÇʲôÎÊÌâµ¼ÖµÄ,ÈçºÎ½â¾ö,ллÁË µÚÒ»¸öÎÊÌâ¿ÉÄÜÊÇÄãµÄsyslogd±»ÈËÌæ»»ÁË£¬ ¼ì²éһϠ/sbin/syslogd µÄÐÞ¸Äʱ¼ä£¬×îºÃºÍϵͳµÄÔʼ°æ±¾±È½Ï¡£
[cax@monitor ~]$ whereis syslogd
syslogd: /sbin/syslogd /usr/share/man/man8/syslogd.8.gz
[cax@monitor ~]$ rpm -qf /sbin/syslogd
sysklogd-1.4.1-26_EL
»òÕßÓÃÃüÁî²âÊÔ syslogd µÄ²¿·Ö¹¦ÄÜÊÇ·ñÕý³£:
$logger this is from console user test the /sbin/syslogd...
¡±Authentication token manipulation error¡° ¿ÉÄÜÊÇϵͳÖеÄpamÄ£¿é±»É¾³öÁË£¬Çå¼ì²éÒ»ÏÂÎļþÊÇ·ñ´æÔÚ£¬ÄÚÈÝÊÇ·ñÒ»Ñù£º
$ cat /etc/pam.d/passwd
#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
$ cat /etc/pam.d/su
#%PAM-1.0
auth sufficient /lib/security/$ISA/pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient /lib/security/$ISA/pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth required /lib/security/$ISA/pam_wheel.so use_uid
auth required /lib/security/$ISA/pam_stack.so service=system-auth
account required /lib/security/$ISA/pam_stack.so service=system-auth
password required /lib/security/$ISA/pam_stack.so service=system-auth
# pam_selinux.so close must be first session rule
session required /lib/security/$ISA/pam_selinux.so close
session required /lib/security/$ISA/pam_stack.so service=system-auth
# pam_selinux.so open and pam_xauth must be last two session rules
session required /lib/security/$ISA/pam_selinux.so open multiple
session optional /lib/security/$ISA/pam_xauth.so
Ö÷ÒªÊÇÕâ¸ö /lib/security/pam_stack.so
·Çredhatϵͳ´¦Àí·½·¨ÏàËÆ Å¶ ÕâÑù°¡ ѧϰÁË. ÎÒÒ²ÊǸսӴ¥
------------------------------------
[url=http://www.raidcn.com]raidÊý¾Ý»Ö¸´[/url]
Ò³:
[1]