Proper Way for a PAM Module to Add Groups to a User
Douglas Logan
tembenite at gmail.com
Sat Oct 1 14:36:47 UTC 2016
Hello,
I'm trying to create a PAM module. I've had no problem with the
standard authentication portion and have that working based on some
samples I was able to find.
However, I'm having a difficult time finding an example on how I'm
supposed to add additional groups to a user during PAM login. If I'm
reading things correctly, it looks like this should be done with
pam_setcred, but I'm not seeing anything in the documentation which
documents how.
The behavior I'm looking for is the same way pam_ldap can work where
external LDAP groups are added to the user on login.
I apologize if this is a silly question. I'm relatively new to C
programming, and it may be I'm simply not understanding the
documentation as a result. There are very few references to adding
groups, however, besides the occasional high-level documentation I've
found which states its part of the auth portion, and at least one
document that suggests its handled with the pam_setcred API.
Any help you can give me would greatly be appreciated. I've spent the
last 3-4 hrs trying to research this without finding much concrete
information.
Thanks,
Doug
More information about the Pam-list
mailing list