James, We got around the problem by building a "suid root" wrapper program that invokes the pam functions (including passwd). However, one trick was to make the program do a setuid to root to make the effective uid be root. It was then able to do authentication tasks for things like web-based password change. See info on ComBase ... http://www.comnets.com Dave Retz Comware International Inc. James West wrote: > > I'm having some trouble with getting certain services thar don't run as root, > using pam. > > Namely postgresql runs as user postgres, but I was expirimenting with various > versions of pam_unix and had no luck getting it to auth, until I messed with > permissions of /etc/shadow. > > Now, I'm sure this is a really old and obvious problem. (and if the truth be > known I can probably work without it) > > But, is there a way around it? > > > ---------------------------------------------------------- > James West > westj@sunnydaleschool.co.uk > > Visit us on the web at: http://www.sunnydaleschool.co.uk > > > > _______________________________________________ > > Pam-list@redhat.com > https://listman.redhat.com/mailman/listinfo/pam-list
