Steve,
My pam.d directory shows:
atd:session required pam_loginuid.so
crond:session required pam_loginuid.so
gdm:session required pam_loginuid.so
gdm-autologin:session required pam_loginuid.so
kcheckpass:session required pam_loginuid.so
kdm:session required pam_loginuid.so
kdm-np:session required pam_loginuid.so
login:session required pam_loginuid.so
remote:session required pam_loginuid.so
sshd:session required pam_loginuid.so
wbem:session required pam_loginuid.so
xdm:session required pam_loginuid.so
I added
xcreensaver session required pam_loginuid.so
but it had no effect.
Is there anything else I missed?
Thanks,
Dave
-----Original Message-----
From: Steve Grubb [mailto:sgrubb@redhat.com]
Sent: Friday, January 12, 2007 2:50 PM
To: Kirkwood, David A.
Cc: linux-audit(a)redhat.com
Subject: Re: Audit config for NISPOM req's
On Friday 12 January 2007 13:45, Kirkwood, David A. wrote:
Then when I execute aureport -w --failed, the auid field shows up as -1
as it does for every watch list. Am I missing something?
Yes.
#cd /etc/pam.d
#grep loginuid *
See if you have that in your pam stack. You should see something like this:
atd:session required pam_loginuid.so
crond:session required pam_loginuid.so
gdm:session required pam_loginuid.so
gdm-autologin:session required pam_loginuid.so
kcheckpass:session required pam_loginuid.so
kdm:session required pam_loginuid.so
kdm-np:session required pam_loginuid.so
kscreensaver:session required pam_loginuid.so
login:session required pam_loginuid.so
remote:session required pam_loginuid.so
sshd:session required pam_loginuid.so
vsftpd:session required pam_loginuid.so
xdm:session required pam_loginuid.so
-Steve
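
The grep check above can be turned around to list the service files that open a session without pam_loginuid. This is an added example, not code from the thread or from the audit project; the function names and the sample file contents are made up for illustration, and it assumes the one-file-per-service layout shown in the listings.

```shell
#!/bin/sh
# Added example, not from the thread: find PAM service files that open a
# session without pam_loginuid, the condition that leaves auid unset.

# Print each service file in $1 (default /etc/pam.d) that has an active
# "session" line but no active session line naming pam_loginuid.so.
# Limitation: "include"/"substack" targets are not followed.
missing_loginuid() {
    dir=${1:-/etc/pam.d}
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        awk '
            $1 ~ /^#/ { next }                      # skip commented-out lines
            $1 == "session" || $1 == "-session" {
                has_session = 1
                # module is not always $3: a [bracketed] control spans fields
                for (i = 2; i <= NF; i++)
                    if ($i ~ /(^|\/)pam_loginuid\.so$/) has_loginuid = 1
            }
            END { exit !(has_session && !has_loginuid) }
        ' "$f" && basename "$f"
    done
    return 0
}

# Interpret the content of /proc/<pid>/loginuid. 4294967295 is (uid_t)-1,
# the "never set" value that the audit tools print as -1.
loginuid_state() {
    case $1 in
        4294967295|-1) echo unset ;;
        *) echo "set:$1" ;;
    esac
}

# Constructed sample directory (file contents are made up for the demo).
make_sample_dir() {
    d=$(mktemp -d) || return 1
    printf 'auth required pam_unix.so\nsession required pam_loginuid.so\n' > "$d/sshd"
    printf 'auth required pam_unix.so\nsession optional pam_keyinit.so\n' > "$d/svc-nologinuid"
    printf 'session optional pam_keyinit.so\n#session required pam_loginuid.so\n' > "$d/svc-commented"
    printf 'auth required pam_unix.so\n' > "$d/svc-authonly"
    echo "$d"
}

sample=$(make_sample_dir) && missing_loginuid "$sample" && rm -rf "$sample"
```

pam_loginuid sets the value when a session is opened, so only sessions started after the line was added carry it; `loginuid_state "$(cat /proc/self/loginuid)"` shows the state of the current one.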