/etc/passwd & /etc/shadow
Jason Gerfen
jason.gerfen at scl.utah.edu
Thu Jun 24 17:54:46 UTC 2004
Yeah, that sounds like what I am looking to do, well I am actually
trying to modify the pam_krb5 to create the local account if there is an
account in kerberos.
Joe Lewis wrote:
> I had written a pam_create_account, but it's a major security hole -
> anyone can log in, and they get prompted for the password twice, and
> then the account get's created. The individual had requested the
> module so that techs in the NOC had an easy time of creating them, and
> set it up on the console-only login. Is this what you are looking
> for? If so, I'll send you the code and let you hack away.
>
> Joe
>
> Jason Gerfen wrote:
>
>> PAM is running as root, at least I get a UID and EUID of 0 when using
>> the get_(e)uid() function in a module I have been writting.
>>
>> The next thing I want to do is to read in the contents of the
>> /etc/passwd & /etc/shadow files during the pam_sm_authenticate()
>> process so I may either add the user locally before mapping the
>> ticket from a successfull kerberos authentication
>>
>> So far I am turning up nill on the subject, I am on SuSE 9.0.
>>
>> Thanks,
>>
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
--
Jason Gerfen
Student Computing Group
Marriott Library
University of Utah
(801) 585-9810
jason.Gerfen at scl.utah.edu
"...Sometimes I just yell at myself. And it
makes me sad, sometimes I make myself cry..."
~ My nephew Dawsyn
More information about the Pam-list
mailing list