[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_acct_mgmt -- required?



Ingo Luetkebohle wrote:
> On rereading the documentation, I get the impression that a call to
> pam_acct_mgmt is a required step to be able to grant access rights to a
> user (not technically, but logically). Is that correct?

This is an abstraction issue. The thing is that you write an application to
interface with libpam, and leave the business of how these hooks are used to
the local sysadmin and the module writer.

In general an application, if it provides login-type services, should supply
this hook. If the admin wishes to ignore this authentication mechanism s/he
can always use pam_permit.so as the "account" module.

On the other hand, applications like 'passwd' have no need for this sort of
thing and thus only bind to the "password" modules.

Hope that helped

Andrew
-- 
               Linux-PAM, libpwdb, Orange-Linux and Linux-GSS
                  http://parc.power.net/morgan/index.html
       [ For those that prefer FTP  ---  ftp://ftp.lalug.org/morgan ]



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []