diff options
author | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2020-01-28 15:07:35 +0530 |
---|---|---|
committer | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2020-02-07 09:58:13 +0000 |
commit | cd17b26c893ba9dd1dcb0d56d725f2892c57e125 (patch) | |
tree | cb2195bc46f08493b6e4c30b3edcece0f7b3add4 | |
parent | 3f8a743a5179eb618518ff04b98202a997342bb0 (diff) | |
download | bmcweb-cd17b26c893ba9dd1dcb0d56d725f2892c57e125.tar.gz bmcweb-cd17b26c893ba9dd1dcb0d56d725f2892c57e125.zip |
[pam]: Restrict user authentication to redfish grp
Restrict bmcweb authentication to redfish group only. This
change makes sure that user without having redfish group user
is not authenticated to query the details, and login will fail.
Tested:
1.Verified by removing the redfish group role for a valid user
and confirmed redfish session establishment fails using postman.
Change-Id: Ie0c1c94a7ac4d218a502faba1d80c7b9fc2a7ca0
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
-rw-r--r-- | pam-webserver | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/pam-webserver b/pam-webserver index 473b922..f04b34a 100644 --- a/pam-webserver +++ b/pam-webserver @@ -1,5 +1,6 @@ #%PAM-1.0 auth include common-auth +auth required pam_succeed_if.so user ingroup redfish account include common-account password include common-password |