authconfig在RHEL上修改哪些文件?

8

我试图允许RHEL使用在系统上创建的登录帐户,但使用Active Directory中的密码。我见过有人使用:

authconfig \
--enablekrb5 \
--krb5realm=KDCRealm.NET \
--krb5kdc=kcldap.net \
--krb5adminserver=kcldap.net \
--enablekrb5kdcdns \
--enablekrb5realmdns \
--update

不过,我不确定该命令的工作方式或作用,或修改的文件。

rhel  active-directory 
FilBot3
source

Answers:

6

您可以运行authconfig-gtk以了解authconfig可以修改的内容。

GUI的屏幕截图

                            SS#1

                            SS#2

通常,这些选项卡中的大多数信息都是在目录下操作信息/etc/sysconfig。那里有许多与基于RedHat发行版的配置有关的文件,例如Fedora,CentOS或RHEL。

例如,有一个具有讽刺意味的文件,authconfig其中包含上述屏幕快照中对话框的选择。

$ more /etc/sysconfig/authconfig
USEMKHOMEDIR=no
USEPAMACCESS=no
CACHECREDENTIALS=yes
USESSSDAUTH=no
USESHADOW=yes
USEWINBIND=no
USEDB=no
FORCELEGACY=no
USEFPRINTD=no
FORCESMARTCARD=no
PASSWDALGORITHM=sha512
USELDAPAUTH=no
USEPASSWDQC=no
USELOCAUTHORIZE=yes
USECRACKLIB=yes
USEWINBINDAUTH=no
USESMARTCARD=no
USELDAP=no
USENIS=no
USEKERBEROS=no
USESYSNETAUTH=no
USESSSD=no
USEHESIOD=no
slm
source
10

slm的答案非常好,但是我对要修改哪些文件确实很感兴趣。可以在中找到/usr/share/authconfig/authinfo.py。以下摘录来自CentOS6: 

SYSCONFDIR =“ /等”
PASSWORD_AUTH_PAM_SERVICE_AC =“密码验证-交流”
FINGERPRINT_AUTH_PAM_SERVICE_AC =“指纹认证-交流”
SMARTCARD_AUTH_PAM_SERVICE_AC =“ smartcard-auth-ac”

all_configs = [
        FileBackup(“ hesiod.conf”,SYSCONFDIR +“ / hesiod.conf”),
        FileBackup(“ yp.conf”,SYSCONFDIR +“ / yp.conf”),
        FileBackup(“ ldap.conf”,SYSCONFDIR +“ / ldap.conf”),
        FileBackup(“ nss_ldap.conf”,SYSCONFDIR +“ / nss_ldap.conf”),
        FileBackup(“ pam_ldap.conf”,SYSCONFDIR +“ / pam_ldap.conf”),
        FileBackup(“ nslcd.conf”,SYSCONFDIR +“ / nslcd.conf”),
        FileBackup(“ openldap.conf”,SYSCONFDIR +“ / openldap / ldap.conf”),
        FileBackup(“ kr​​b5.conf”,SYSCONFDIR +“ / krb5.conf”),
        FileBackup(“ kr​​b.conf”,SYSCONFDIR +“ / krb.conf”),
        FileBackup(“ pam_pkcs11.conf”,SYSCONFDIR +“ / pam_pkcs11 / pam_pkcs11.conf”),
        FileBackup(“ smb.conf”,SYSCONFDIR +“ / samba / smb.conf”),
        FileBackup(“ nsswitch.conf”,SYSCONFDIR +“ / nsswitch.conf”),
        CacheBackup(“ cacheenabled.conf”,“”),
        FileBackup(“ system-auth-ac”,SYSCONFDIR +“ / pam.d /” + AUTH_PAM_SERVICE_AC),
        FileBackup(“ password-auth-ac”,SYSCONFDIR +“ / pam.d /” + PASSWORD_AUTH_PAM_SERVICE_AC),
        FileBackup(“ fingerprint-auth-ac”,SYSCONFDIR +“ / pam.d /” + FINGERPRINT_AUTH_PAM_SERVICE_AC),
        FileBackup(“ smartcard-auth-ac”,SYSCONFDIR +“ / pam.d /” + SMARTCARD_AUTH_PAM_SERVICE_AC),
        FileBackup(“ authconfig”,SYSCONFDIR +“ / sysconfig / authconfig”),
        FileBackup(“ network”,SYSCONFDIR +“ / sysconfig / network”),
        FileBackup(“ libuser.conf”,SYSCONFDIR +“ / libuser.conf”),
        FileBackup(“ login.defs”,SYSCONFDIR +“ / login.defs”),
        FileBackup(“ sssd.conf”,SYSCONFDIR +“ / sssd / sssd.conf”)]

该代码还显示备份存储在此处:

PATH_CONFIG_BACKUPS =“ / var / lib / authconfig”
保罗·托比亚斯
source
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.