[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Getting changed password


I am using pam_winbind to login into GNOME with GDM, with AD user and
password. I have modified /etc/pam.d/gdm config file such that it allows
me to change the AD user password if it expires.
My question is how to obtain the new password in a modules down the
stack. I want to use the new password in my module (similar to pam_mount) to mount some of my shares. But I am not able to access the
new password and my mount is failing.

The gdm pam config file is something like this:

auth     required       my_pam_mount.so
auth     optional       pam_krb5.so use_first_pass creds
auth     sufficient     pam_unix2.so use_first_pass nullok #set_secrpc
auth     required       pam_winbind.so use_first_pass use_authtok
account  sufficient     pam_unix2.so
account  required       pam_winbind.so
password sufficient     pam_unix2.so   use_authtok #strict=false
password required       pam_winbind.so  use_authtok
session  required       pam_unix2.so   # trace or none
session  required       pam_mkhomedir.so skel=/etc/skel umask=0022
session  optional       my_mount_conf.so
session  required       pam_devperm.so debug audit
session  optional       pam_console.so debug audit

Under password section, the expired password is changed. And under
session section, I would like to obtain new password in my_pam_mount.so
module and use it.

I am doing pam_get_item (pamh, PAM_AUTHTOK, ...), but it does not give
me any password.

Any ideas, tips ?


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]