[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM_USER or PAM_RUSER??



This is the problem with an external users db. Suppose I have an external user
repository that I can access with username/password only, and  I have an account
to read/write into the db.
By my pam module I have to authenticate a user using the external repository (i.e.
radius, tacacs+, an so on...)...so I have a username/password to connect to my db
and a username/password to authenticate. I suppose PAM_USER is for connecting to
the db and PAM_RUSER is the identity of the user I want to authenticate.
This is the case of radius/NAS: a NAS user could be autheticate by a radius using
an external db: well, I use PAM_RUSER as the identity of the user into the NAS and
PAM_USER to autheticate the PAM_RUSER into my external (oracle, ldap) repository.

Steve Langasek ha scritto:

> PAM_RUSER represents the identity of the user on the remote machine.  PAM_USER
> is who the user wants to be granted service as on the local system.
>
> In most cases, you want to authenticate PAM_USER.
>
> Steve Langasek
> postmodern programmer
>
> _______________________________________________
> Pam-list mailing list
> Pam-list@redhat.com
> https://listman.redhat.com/mailman/listinfo/pam-list





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []