Adding pam_ldap.so by masking pam load errors
Absence of ldap distro feature will not generate pam_ldap.so because
of which we might see some unwanted error messages regarding the
failure in opening the pam_ldap.so in journalctl incase if pam_ldap
is present in PAM Configuration.
This commit would:
- Leverage '-' option before the 'type' in pam configuration, by which
the PAM library will not log any errors in the syslog if it is not
able to load the module beacause it is missing in the system.By using
this we don't need two pam configuration files for ldap and unix.
- Leverages ignore_unknown_user & ignore_authinfo_unavail options of
pam_ldap.so, which forces the PAM framework to ignore pam_ldap incase
if the user is not present in LDAP server or if the client cannot
connect to LDAP Server.
Change-Id: Ib876f942bf9318c37b3683bc5491a158c0f0e40e
Signed-off-by: manojkiraneda <manojkiran.eda@gmail.com>
2 files changed