[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: /etc/passwd & /etc/shadow



Yeah, that sounds like what I am looking to do, well I am actually trying to modify the pam_krb5 to create the local account if there is an account in kerberos.

Joe Lewis wrote:

I had written a pam_create_account, but it's a major security hole - anyone can log in, and they get prompted for the password twice, and then the account get's created. The individual had requested the module so that techs in the NOC had an easy time of creating them, and set it up on the console-only login. Is this what you are looking for? If so, I'll send you the code and let you hack away.

Joe

Jason Gerfen wrote:

PAM is running as root, at least I get a UID and EUID of 0 when using the get_(e)uid() function in a module I have been writting.

The next thing I want to do is to read in the contents of the /etc/passwd & /etc/shadow files during the pam_sm_authenticate() process so I may either add the user locally before mapping the ticket from a successfull kerberos authentication

So far I am turning up nill on the subject, I am on SuSE 9.0.

Thanks,



_______________________________________________
Pam-list mailing list
Pam-list redhat com
https://www.redhat.com/mailman/listinfo/pam-list



-- Jason Gerfen Student Computing Group Marriott Library University of Utah (801) 585-9810 jason Gerfen scl utah edu

"...Sometimes I just yell at myself. And it
makes me sad, sometimes I make myself cry..."
			~ My nephew Dawsyn




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]