how does pam_putenv() work?
Kent Wu
kwu at xsigo.com
Fri Jul 1 18:18:11 UTC 2005
Thanks for the tips-off, Martin. I got it work now after setting
up the right config data. The problem I'm having now is that
SSHD would actually try to see if the user really exists or not by
following the search order specified in /etc/nsswitch.conf even before
the authentication. So if the user doesn't exist in either file
(/etc/passwd), ldap, nisplus or db, ...etc., it won't allow the
log-in even when PAM says yes. I need to resolve this however I think
this has nothing to do with PAM....
Thanks.
-Kent
On Thu, 2005-06-30 at 12:47, Martin wrote:
> > > I'm still fairly new to the PAM world. I'm writing a pam
> > > module now and tried to set up some environment variables for SSHD
> > > by calling pam_putenv() inside the pam_sm_authenticate() call however
> > > it never works. After the user is logged in through SSH, "env"
> > > command never showed those variables I intended to set. The sshd file
> > > under /etc/pam.d looks like this,
> <snip>
> > > but didn't find anything reltaed to this issue. I also tried to move
> > > the pam_putenv() call into pam_sm_setcred() but it didn't work
> > > either. Am I missing something here?
> Have you tried this module with services other than sshd? OpenSSHD's
> interaction with PAM is a little strange at times and it also has some
> security controls related to environments. If it works with other
> services then have a look at sshd_config, particularly the values of
> PermitUserEnvironment and UsePAM.
>
> HTH
>
> Cheers,
> - Martin
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
More information about the Pam-list
mailing list