Advice regarding best practices (was: how to get 'auth' result?)
R Hannes Beinert
argovela at yahoo.com
Fri Jun 6 19:03:14 UTC 2008
Hello,
I have just encountered a situation where I have the same question
as Dan (subject: how to get 'auth' result?, dated May 13th).
I'm working on (yet another) OTP-style module, and would like to be
able to mark the current token as having been "used" after a
successful authentication. I am looking for some guidance as to the
"best practices" for a PAM module. Would the pam_sm_setcred()
function be the appropriate place for this? One could theoretically
use the pam_sm_open_session() function, yet that doesn't seem to be
as clean, since it blurs the distinction between the auth stack, and
the session stack.
I'd be grateful for any recommendations.
Hannes.
More information about the Pam-list
mailing list