Making a module re-enter the stack
Joe Lewis
joe at joe-lewis.com
Wed Oct 13 20:55:34 UTC 2004
> You don't need to 're-enter' PAM to change the username. See the PAM
> application guide and the PAM module guide, there is at least one
> reference to this being done explicitly. If you are interested I have a
> mostly finished aliasing module. However this isn't necessarily the
> complete answer to your problems. Depending on the application it may
> use the username for performing other calls and unless it is very
> carefully written to only take this from PAM then you could be faced
> with having to implement a hack to libnss which would be significantly
> less fun.
I will consult that. I'd prefer the module to do all the work, just
looking up an aliases map file and trying to inject the "new" username and
the original password back into the stack.
> In short, yes it's do able if you want I'll send you the code however to
> make it work the way you want you might have to hack / patch the
> applications. Which would be a general improvement to the free software
> world but not necessarily the path of least resistance.
Let me look at the stuff first, and if I have questions, I think I just
might take you up on that code offer.
Thanks for your reply, Martin!
Joe
More information about the Pam-list
mailing list