[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: password webpage



On Mon, Jan 05, 1998 at 04:58:04PM -0700, Craig Kelley wrote:
> Hello,
> 
>   I'm writing a secure webpage that will be used to change passwords on
> our linux box.  This machine serves out files to hundreds of people and I
> wanted to use pam57 to aid me in this goal.   I tried to follow the samba
> code and was successful in getting pam to verify a username/password; but
> when I envoke 
> 
> 	pam_chauthtok
> 
> and follow the conversation, it will always do this:
> 
> reply_number	msg				response
> 1/1		Password:			seems to work fine
> 1/2		Changing password for blah	
> 2/2		(current) UNIX password:	Segmentation fault
> 
> gdb doesn't supply any helpful information:
> 
> Program received signal SIGSEV, Segmentatoin fault.
> 0x400e0270 in ?? () from /lib/security/pam_pwdb.so
> 
> Is there any easier way to do this?-- using pam seems more difficult than
> just writing my own routines with crypt(), so I assume that I'm missing
> something here.
> 

Using pam for authentication is in general a good idea...

For successful debugging I recommend you use libpam and modules compiled
with -g flag (as I remember Red Hat defaults have the flag).
At run time gdb needs a command ("sharedlibrary" as I remember)
to load symbols from dynamic linker map.
After the loading your addresses will be resolved and shown with
the function name, the source file, and the line.

Before tracing the problem with gdb you may wish to check
the compatibility between your PAM modules and your application.
The PAM conversation mechanism was changed between 0.58 and 0.59.
So modules and application should both use the old convention or
both use the new one.

Regards,
					Andrey V.
					Savochkin



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []