[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

pam refuses to work when application is daemonized



Sorry if this appears twice, had posted with wrong account previously.

Hi all, 

I'm trying to use pam for a custom app server written in python. There exists 
a pam wrapper that makes it possible to use pam from within my python app.

Now when running the app standalone, everything works fine. But when I 
daemonize it, I can't authenticate a single user. I also found that I can't 
authorize somebody else than the user the shell runs in. 

Searched google and the docs, but didn't find anything that helped me.

Any suggestions? I attached the python script and the domserver config. 
daemonize is a standard unix daemonization receipt.


Regards,

Diez B. Roggisch
#!/usr/bin/env python

import sys
import PAM
from getpass import getpass
import daemonize

def pam_conv(auth, query_list, userData):

	resp = []
	print auth, user
	for i in range(len(query_list)):
		query, type = query_list[i]
		if type == PAM.PAM_PROMPT_ECHO_ON:
			val = raw_input(query)
			resp.append((val, 0))
		elif type == PAM.PAM_PROMPT_ECHO_OFF:
			resp.append(("foo", 0))
		elif type == PAM.PAM_PROMPT_ERROR_MSG or type == PAM.PAM_PROMPT_TEXT_INFO:
			print query
			resp.append(('', 0))
		else:
			return None

	return resp

service = 'domserver'

if len(sys.argv) == 2:
	user = sys.argv[1]
else:
	user = None

daemonize.daemonize(pidfile="/tmp/pamtest.pid", stdout="/tmp/pamtest.stdout", stdin="/dev/null")
user = "marco"

auth = PAM.pam()
auth.start(service)
if user != None:
	auth.set_item(PAM.PAM_USER, user)
auth.set_item(PAM.PAM_CONV, pam_conv)
try:
	auth.authenticate()
	auth.acct_mgmt()
except PAM.error, resp:
	print 'Go away! (%s)' % resp
except:
	print 'Internal error'
else:
	print 'Good to go!'
auth required     pam_unix.so
account required pam_access.so


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]