[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM_USER or PAM_RUSER??




Steve Langasek ha scritto:

> The terminology tends to be a bit confusing.  When it says 'the service',
> it refers to the service the user will have access to *after* PAM has
> authenticated.  E.g., should we give this person (PAM_RUSER) access to the
> rlogin service (PAM_RLOGIN) as user 'root' (PAM_USER)?
> 

right...the problem is that PAM is local-user oriented, i.e. PAM is a
way to authenticate a local user by some external modules and not from
an application directly. The problem arises when I want to authenticate
a non local-user(pop, tacacs, radius). In this case there is no
information about the user into the system repository (etc/passwd or
similar)..in fact the user doesn't really exist ;-)...it is just an
entry into some external repository (no uid, no euid and so on)!!!
the only user is the one with two identity: one local to the sistem
running the module (i.e. the user radius if the server runs other than
root) and one for the repository connection. a bit confusing,
really.....
begin:vcard 
n:Liccardo;Massimiliano
tel;cell:eeeehhhhh......
tel;work:06 71036620
x-mozilla-html:FALSE
adr:;;;;;;
version:2.1
email;internet:mliccardo.c@mail.tim.it
title:Security Pianist Free Consultant
x-mozilla-cpt:;22288
fn:Massimiliano Liccardo
end:vcard

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []