때때로 pam 모듈(pam_winbind 사용)을 사용하는 시스템 장치는 사용자 비밀번호를 기록합니다.
시스템 장치 로그:
Mar 25 15:47:41 display-server node[5969]: pam_succeed_if(grooming:auth): requirement "user ingroup marketing department" not met by user "dispatch1"
Mar 25 15:47:41 display-server node[5969]: pam_succeed_if(grooming:auth): requirement "user ingroup dispatch users" was met by user "dispatch1"
Mar 25 15:47:41 display-server node[5969]: pam_winbind(grooming:auth): getting password (0x00004288)
Mar 25 15:47:41 display-server node[5969]: pam_winbind(grooming:auth): user 'dispatch1' granted access
Mar 25 15:47:41 display-server node[5969]: pam_winbind(grooming:auth): Received [<PASSWORD>] reply from application.
PAM 모듈:
#%PAM-1.0
auth [success=3 default=ignore] pam_succeed_if.so user ingroup [marketing department]
auth [success=2 default=ignore] pam_succeed_if.so user ingroup [dispatch users]
auth [success=1 default=ignore] pam_succeed_if.so user ingroup [it department]
auth requisite pam_deny.so
auth [success=1 default=ignore] pam_localuser.so
auth [success=2 default=die] pam_winbind.so
auth [success=1 default=die] pam_unix.so nullok
auth requisite pam_deny.so
auth optional pam_permit.so
auth required pam_env.so
account required pam_unix.so
account [success=1 default=ignore] pam_localuser.so
account required pam_winbind.so
account optional pam_permit.so
account required pam_time.so
password [success=1 default=ignore] pam_localuser.so
password [success=2 default=die] pam_winbind.so
password [success=1 default=die] pam_unix.so sha512 shadow
password requisite pam_deny.so
password optional pam_permit.so
session required pam_limits.so
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
session required pam_unix.so
session [success=1 default=ignore] pam_localuser.so
session required pam_winbind.so
session optional pam_permit.so
이것이 내 pam 모듈의 문제인가요, pam_winbind의 문제인가요, 아니면 추가하여 silent = yes수정해야 할 문제 인가요 pam_winbind.conf?