pam_succeed_if's pam_sm_setcred
Ian Ward Comfort
icomfort at rescomp.stanford.edu
Thu Mar 5 19:12:08 UTC 2009
On 5 Mar 2009, at 10:45 AM, Thorsten Kukuk wrote:
> As written in the manual page of pam_sm_setcred():
>
> The way the auth stack is navigated in order to evaluate the
> pam_setcred() function call, independent of the
> pam_sm_setcred() return
> codes, is exactly the same way that it was navigated when
> evaluating
> the pam_authenticate() library call. Typically, if a stack
> entry was
> ignored in evaluating pam_authenticate(), it will be ignored
> when
> libpam evaluates the pam_setcred() function call. Otherwise,
> the return
> codes from each module specific pam_sm_setcred() call are
> treated as
> required.
>
> So what you wish to do is not possible.
Ah, thanks; obviously I missed that section. (I must be missing
something else, too, as I thought I had my pam_authenticate stack
skipping this module, but that's for me to investigate.)
--
Ian Ward Comfort <icomfort at rescomp.stanford.edu>
System Administrator, Student Computing, Stanford University
More information about the Pam-list
mailing list