Problems with pam_script on RHEL3 and pam-0.75-72
Alessandro De Maria
alessandro.demaria at gmail.com
Fri Apr 11 11:38:45 UTC 2008
Hi,
I have a little strange problem with pam_script (libpam_script-0.1.11) and
pam (pam-0.75-72) on RHEL3 Update 9
auth required pam_listfile.so bla bla
auth optional pam_script.so runas=root
auth sufficient pam_mysql bla bla.
without pam_script.so, everything works perfectly.
with pam_script installed, it works JUST if the script returns a non-zero
value.
(my script is a simple:
#/usr/bin/perl
echo(0); (or echo(1) whether I want it to fail or not)
)
according to some further tests and to the developer, pam_script correctly
returns PAM_SUCCESS (which is 0 according to the debug) to the pam system,
but the authentication fails anyway (even if pam_script is optional or
required and is not the last one in the stack).
In order to have it working I had to return a non zero result so to force
the pam_script to return an error. This way my service (vsftpd) manages to
login properly (the "optional" keywork kicks in probably).
I'm not the best one at explaining problems. I hope out there there is
somebody that can give me an hint on this problem.
Have you come across something like this before? Does it happens because pam
is too old on my ssystem?
Thanks
Alessandro
--
Alessandro De Maria
alessandro.demaria at gmail.com
Life is too important to be taken seriously. Oscar Wilde
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pam-list/attachments/20080411/69a620e9/attachment.htm>
More information about the Pam-list
mailing list