Got a weird research project . . .
I'm looking for a way to limit who can log into a Linux box based on what group they are in. If the user exists in groupa, he/she can log into server group "a"; If user is in groupb, he/she can log into server group "b"; etc.
There is an expensive commercial solution that does this, but a native solution would be better. I've been reading about PAM modules, and thought this would be available, but am unable to find any such module.
Anyone ever hear of such a module or means that will reject logins if a user is not in the right group? The users are authenticated against LDAP, not local files. This is an access control (authorization) issue, not an authentication issue.
What has come to mind is adding a check in /etc/profile to see if the user is in the correct group for the server and if not, kill their shell. Crude :(
Thanks in advance.
Jorge Delacruz
---------------------------------
Be a better Heartthrob. Get better relationship answers from someone who knows.
Yahoo! Answers - Check it out. ---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss