[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: About pam_access



On Thu, May 05, Александр Берсенев wrote:

> Hello,
> in pam_access.c function pam_sm_setcred always returning PAM_IGNORE,
> but in "man pam_sm_setcred" PAM_IGNORE is not in the list of possible
> return values.
> 
> This behavior gives us some unpredictable results while we using this
> pam module. Should it be better to always return PAM_SUCCESS like in
> pam_rhosts.c?
> 

Why does this give you some unpredictable results? Are you calling
PAM modules directly from your application? In general, a PAM module
can more or less always return what it likes. The manual page is only
a good catch of the most common return values, not that no other are
allowed.

  Thorsten

-- 
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]