我发现了一个奇怪的问题。pam 无法正确读取 common-account.puppet 可以由 pam 正确读取 common-account.written。
但是它们的文本是相同的,使用 meld 和 vimdiff
md5sum common-account.puppet common-account.written
7e80513f6dc8f7604ec36dbf6248780d common-account.puppet
47425f79f81d38eadbadb0c3de89aafc common-account.written
我不确定两者之间有什么区别。有什么命令可以显示更多差异日志吗?
kithokit@15:46:58 ~ $ md5sum common-account.puppet common-account.written
7e80513f6dc8f7604ec36dbf6248780d common-account.puppet
47425f79f81d38eadbadb0c3de89aafc common-account.written
kithokit@15:47:08 ~ $ diff common-account.puppet common-account.written
1,29c1,29
< #
< # /etc/pam.d/common-account - authorization settings common to all services
< #
< # This file is included from other service-specific PAM config files,
< # and should contain a list of the authorization modules that define
< # the central access policy for use on the system. The default is to
< # only deny service to users whose accounts are expired in /etc/shadow.
< #
< # As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
< # To take advantage of this, it is recommended that you configure any
< # local modules either before or after the default block, and use
< # pam-auth-update to manage selection of other modules. See
< # pam-auth-update(8) for details.
< #
<
< # here are the per-package modules (the "Primary" block)
< account sufficient pam_winbind.so
< account required pam_unix.so
<
< #account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
< #account [success=1 new_authtok_reqd=done default=ignore] pam_winbind.so
< # here's the fallback if no module succeeds
< #account requisite pam_deny.so
< # prime the stack with a positive return value if there isn't one already;
< # this avoids us returning an error just because nothing sets a success code
< # since the modules above will each just jump around
< #account required pam_permit.so
< # and here are more per-package modules (the "Additional" block)
< # end of pam-auth-update config
---
> #
> # /etc/pam.d/common-account - authorization settings common to all services
> #
> # This file is included from other service-specific PAM config files,
> # and should contain a list of the authorization modules that define
> # the central access policy for use on the system. The default is to
> # only deny service to users whose accounts are expired in /etc/shadow.
> #
> # As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
> # To take advantage of this, it is recommended that you configure any
> # local modules either before or after the default block, and use
> # pam-auth-update to manage selection of other modules. See
> # pam-auth-update(8) for details.
> #
>
> # here are the per-package modules (the "Primary" block)
> account sufficient pam_winbind.so
> account required pam_unix.so
>
> #account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
> #account [success=1 new_authtok_reqd=done default=ignore] pam_winbind.so
> # here's the fallback if no module succeeds
> #account requisite pam_deny.so
> # prime the stack with a positive return value if there isn't one already;
> # this avoids us returning an error just because nothing sets a success code
> # since the modules above will each just jump around
> #account required pam_permit.so
> # and here are more per-package modules (the "Additional" block)
> # end of pam-auth-update config
谢谢如果你能帮忙