PAM touching shadow?
Igmar Palsenberg
maillist at jdimedia.nl
Mon Jul 19 12:36:15 UTC 2004
> Unfortunately,
> however, our workstations running xscreensaver have SNARE reporting that
> the (non-root) logged-in user unsuccessfully attempts to touch the
> /etc/shadow file, with timestamps that correspond to the exact times that
> the user unlocks the window via xscreensaver.
Sound logical to me : xscreensaver needs to verify the user's password,
let's PAM handle that, and PAM needs to open /etc/shadow to verify the
actual hashes.
> I have narrowed it down to PAM (I think), as I've recompiled xscreensaver
> with absolutely no passwd references; only the PAM libraries compiled in,
> and the problem still presents itself. Does anyone know if PAM is making
> this call at some point, and if so, what is the reason behind it? Is PAM
> just doing a sanity permission check on the shadow file?
It's probably opening it.
Igmar
More information about the Pam-list
mailing list