This is the problem with an external users db. Suppose I have an external user repository that I can access with username/password only, and I have an account to read/write into the db. By my pam module I have to authenticate a user using the external repository (i.e. radius, tacacs+, an so on...)...so I have a username/password to connect to my db and a username/password to authenticate. I suppose PAM_USER is for connecting to the db and PAM_RUSER is the identity of the user I want to authenticate. This is the case of radius/NAS: a NAS user could be autheticate by a radius using an external db: well, I use PAM_RUSER as the identity of the user into the NAS and PAM_USER to autheticate the PAM_RUSER into my external (oracle, ldap) repository. Steve Langasek ha scritto: > PAM_RUSER represents the identity of the user on the remote machine. PAM_USER > is who the user wants to be granted service as on the local system. > > In most cases, you want to authenticate PAM_USER. > > Steve Langasek > postmodern programmer > > _______________________________________________ > > Pam-list@redhat.com > https://listman.redhat.com/mailman/listinfo/pam-list
