On Tue, Jan 15, Steve Langasek wrote: > > Password-changing could be done with pam_sm_chauthtok, this is no > > problem and works fine. > > > I try to merge the different chsh/chfn versions into one, which is > > able to change the shell/gecos information for user without the need > > for the user to know where is data is stored and which program to use. > > > I wish to do the normal, necessary authentication with PAM and then > > change the information on the remote side. > > Ok, that definitely points to either #2 or #3. Since you're probably > looking for a general solution that works with existing infrastructure > without dependencies on things like SASL & GSSAPI, #3 seems best here. I know export the password with pam_putenv. As far as I can see in the code, the PAM environment variablen are only visible to the program? Or are could there be any security risks I don't see in the moment? Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE GmbH Deutschherrenstr. 15-19 D-90429 Nuernberg -------------------------------------------------------------------- Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B
Attachment:
pgp00030.pgp
Description: PGP signature
