[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Linux-PAM and syslog (POSIX) (fwd)

On Thu, 26 Mar 1998, Cristian Gafton wrote:
>On Thu, 26 Mar 1998, Steve "Stevers!" Coile wrote:
>> Under no circumstances should PAM modules have that sort of imapct
>> on a program.  It is *completely* unreasonable to expect a program to
>> re-open a log file because a PAM modules closed it.
>For the record, my position is too that we should remove all the calls to
>openlog() and closelog() from pam lib and modules.

Not having written any PAM-aware programs, I'm not sure exactly how it
works, so the following may not work.

Quite simply, there should be a way for a program to register a log file
handle with PAM and have that file handle used for all logging purposes.
If no file handle is provided, no logging should be performed.  Perhaps
PAM could provide two, three, or even four handles: standard output,
standard error, and logging, and debug.

Presumably, some context block is maintained for each PAM session.
Simply add N file handle fields to that block.  Initialize them to null
(or reasonable defaults).  Provide a PAM logging/output function.

    Steve Coile

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []