PAM modules violating PAM architecture?, e.g. mod_auth_pam
Kenneth Porter
shiva at sewingwitch.com
Wed Oct 6 19:24:59 UTC 2004
--On Wednesday, October 06, 2004 11:44 AM -0700 Jed Donnelley
<jed at nersc.gov> wrote:
> Specifically, rather than going through PAM modules as specified in the
> pam.d configuration file (e.g. pam.d/httpd in the case I am focusing on),
> mod_auth_pam punches through directly to base underlying Unix calls
> including getpwnam and getgrnam (calls that don't lay on top of PAM) for
> parts of its function.
The mod_auth_external module was pointed out to me this morning as an
alternative to mod_auth_pam:
<http://www.unixpapa.com/mod_auth_external.html>
One would use this in combination with the pwauth helper binary:
<http://www.unixpapa.com/pwauth/>
The latter does the actual PAM authentication, using pipes for IPC.
More information about the Pam-list
mailing list