Details
-
Task
-
Resolution: Fixed
-
Major
-
None
-
6.6.x Doc Updates
-
None
-
CB 6.6.5 but applies to other versions
-
DOC-2022-S17, DOC-2022-S18, DOC-2022-S19, DOC-2022-S20
-
1
Description
Looks like https://docs.couchbase.com/server/6.6/manage/manage-security/configure-pam.html needs to be adjusted for users running with Centos8 (assuming that applies to Redhat 8 as well):
At step 5 we just do a generic copy:
cp /etc/pam.d/passwd /etc/pam.d/couchbase
|
However, it seems that more needs to be done:
In Centos7, /etc/pam.d/passwd contains:
# cat /etc/pam.d/passwd
|
#%PAM-1.0 |
auth include system-auth
|
account include system-auth
|
password substack system-auth
|
-password optional pam_gnome_keyring.so use_authtok
|
password substack postlogin
|
auth include system-auth
|
account include system-auth
|
While in Centos8, the file contains:
# cat /etc/pam.d/passwd
|
# passwd: auth account
|
auth required pam_permit.so
|
account required pam_opendirectory.so
|
password required pam_opendirectory.so
|
session required pam_permit.so
|
Things don't work if the following two entries are not added:
auth include system-auth
|
account include system-auth
|
Note that this probably needed for the other CB versions.
Could this kind of changes be documented as part of some Release Notes?