[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAMified login?



Michael K. Johnson:
> I thought the list members had agreed that utmp/wtmp was not a PAM
> issue and so all of my patches leave utmp/wtmp handling in the
> application.

Maybe I didn't understand it correctly - I thought that "session"
is defined as the utmp entry (at least for login).  One side effect
of the current implementation is that su creates another process,
and the command is run in the child - this is a visible difference
from the traditional su.  I guess it's another thing to ask Sun
about... if they aren't too tired with our questions yet :)

> pam_time already exists.  Is it not sufficient?

OK it didn't exist last time I checked :).  One small problem: it
uses a different file format than logoutd, the daemon to log out
users who exceed their allowed login time.

> Start with the modules.  That's something I can't help with; you
> are the shadow expert.  Once all the correct modules are written,
> then any login at all with generic PAM support will work.

I don't call myself an expert, and I don't really have any secrets
- it's all in the source, so I don't see why you (or anyone else)
can't help with this.  Feel free to use the code, it is free...

Marek



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []