On Wed, 9 Aug 2000, Max Liccardo wrote: > > If your module gets the username/password from its own configuration file, > > there's no reason to store this username in one of the PAM_ITEMs: the > > PAM_ITEMs are there for module<->module and application<->module > > intercommunication. > Yes, this is correct, my doubt was after reading the 5.1.2 of the "Linux > Pam Module Writers' Guide", where PAM_USER is "the user under whose > identity the service will be granted". According to me, if I should > connect to an external repository I should assume the identity of an > authorisated repository user and often this one differs from the user > beeing authenticated. The terminology tends to be a bit confusing. When it says 'the service', it refers to the service the user will have access to *after* PAM has authenticated. E.g., should we give this person (PAM_RUSER) access to the rlogin service (PAM_RLOGIN) as user 'root' (PAM_USER)? Steve Langasek postmodern programmer
