[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

LSB PAM Testsuite/questions about behavior



Hi,

The LSB wrote a test suite for PAM. After looking at the results,
I have some questions about the PAM specification, where I couldn't
find anything:

1. The PAM specefication describes the PAM_MAXTRIES error code, but
not when it should be used. Does a module needs to return PAM_MAXTRIES
at some time?

2. If I call pam_authenticate with a unknown user, should the Module
return PAM_AUTHINFO_UNAVAIL or PAM_USER_UNKNOWN?
As far as I understand the documentation, PAM_AUTHINFO_UNAVAIL should
be returned if there are network or hardware problems, but not if the
user is unknown to the system.

3. Calling pam_chauthtok and the users enters the correct old
password, but aborts on typing the new one, should a PAM module
return PAM_AUTHTOK_RECOVER_ERR (I think this is wrong, since we
got the old token) or PAM_AUTHTOK_ERR?


I would be great if some people could tell me their opinium about
this.

  Thanks,
    Thorsten
-- 
Thorsten Kukuk       http://www.suse.de/~kukuk/        kukuk suse de
SuSE Linux AG        Deutschherrnstr. 15-19        D-90429 Nuernberg
--------------------------------------------------------------------    
Key fingerprint = A368 676B 5E1B 3E46 CFCE  2D97 F8FD 4E23 56C6 FB4B




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]