Getting changed password
Narayana Pattipati
Narayana.Pattipati at Sun.COM
Mon Jan 31 15:45:57 UTC 2005
Hi,
I am using pam_winbind to login into GNOME with GDM, with AD user and
password. I have modified /etc/pam.d/gdm config file such that it allows
me to change the AD user password if it expires.
My question is how to obtain the new password in a modules down the
stack. I want to use the new password in my module (similar to
pam_mount) to mount some of my shares. But I am not able to access the
new password and my mount is failing.
The gdm pam config file is something like this:
#%PAM-1.0
auth required my_pam_mount.so
auth optional pam_krb5.so use_first_pass creds
auth sufficient pam_unix2.so use_first_pass nullok #set_secrpc
auth required pam_winbind.so use_first_pass use_authtok
account sufficient pam_unix2.so
account required pam_winbind.so
password sufficient pam_unix2.so use_authtok #strict=false
password required pam_winbind.so use_authtok
session required pam_unix2.so # trace or none
session required pam_mkhomedir.so skel=/etc/skel umask=0022
session optional my_mount_conf.so
session required pam_devperm.so debug audit
session optional pam_console.so debug audit
Under password section, the expired password is changed. And under
session section, I would like to obtain new password in my_pam_mount.so
module and use it.
I am doing pam_get_item (pamh, PAM_AUTHTOK, ...), but it does not give
me any password.
Any ideas, tips ?
Regards,
Narayana
More information about the Pam-list
mailing list