Please respond to firstname.lastname@example.org
Sent by: email@example.com
Subject: Re: RedHat 7.2 pam_unix.so and PAM_AUTHTOK?
On Wed, 2002-07-31 at 03:26, firstname.lastname@example.org wrote:
> >From what I have been able to observe on RedHat 7.2, the pam_unix.so
> password module clears the PAM_AUTHTOK and PAM_OLDAUTHTOK
> tokens so the next stacked password module can not call pam_get_item
> for the data. Is there an argument that can be passed to the pam_unix.so
> password module that will tell it to not clear the tokens? I want to write
> a pam module that can be called after pam_unix.so, and I want to use
> the passwords that were previously entered by the user. If I missed some
> documentation or a previous thread on this, I apologize and would
> appreciate a pointer to the info.
Use the argument 'use_first_pass' for your module.
password required pam_unix.so <arguments>
password required my_module use_first_pass <other arguments>
try_first_pass should work too.
Also check that this is NOT set:
"The not_set_pass argument is used to inform the module that it is not
to pay attention to/make available the old or new passwords from/to
other (stacked) password modules."
Failing that, set debug and poke around in the source to see what it's