[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Is this legitimate? (Module/application interaction.)

Allan Bjorklund wrote:
>    Never mind.  I just found the text that implies I can't do this.
>    Section 7.3 of X/Open rfc 86.0:
>      ... we have designed the PAM API's to not return any data to the
>      application, except status.
>    Though in section 11 it says:
>      One possible extension to PAM is to allow the passing of
>      module-specific data between applications and PAM modules.
>    Which would help me out if that work had been done.  I can do the
> authentication inside a module, but the authentication routine returns
> pieces that need to be propogated back up to the application. <sigh>

Are environment variables (pam_putenv/getenv) sufficient?

The pam_[sg]et_item()s are the other obvious interface..  If someone
could come up with a PAM_SESSION_INFO item-type that had sufficiently
low maintenance cost but a high extensibility, I can think of a number
of things that might benefit from it.

A third possibility, is to define a custom conversation type known to
the app and the module.  The module could then use the conversation
function to pass such info back and forth.  This is like your original
app_ptr thing and I don't much care for it really.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []