[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM_USER or PAM_RUSER??



On Wed, 9 Aug 2000, Max Liccardo wrote:

> > If your module gets the username/password from its own configuration file,
> > there's no reason to store this username in one of the PAM_ITEMs: the
> > PAM_ITEMs are there for module<->module and application<->module
> > intercommunication.

> Yes, this is correct, my doubt was after reading the 5.1.2 of the "Linux
> Pam Module Writers' Guide", where PAM_USER is "the user under whose
> identity the service will be granted". According to me, if I should
> connect to an external repository I should assume the identity of an
> authorisated repository user and often this one differs from the user
> beeing authenticated.

The terminology tends to be a bit confusing.  When it says 'the service',
it refers to the service the user will have access to *after* PAM has
authenticated.  E.g., should we give this person (PAM_RUSER) access to the
rlogin service (PAM_RLOGIN) as user 'root' (PAM_USER)?

Steve Langasek
postmodern programmer





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []