>Mark Valence wrote: >> >> My program loads a shared lib (.so) that then calls pam_start, etc. >> pam_start succeeds, but when I call pam_authenticate it fails with >> error "Module is unknown". >> >> Same exact code works when linked into the main program (i.e., not in >> the .so). Is there anything special about using pam from within a >> .so? > >http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/pam/Linux-PAM/dynamic/ >pam.c?rev=1.1&content-type=text/vnd.viewcvs-markup > >Feedback appreciated. Looks like that would solve the problem, although isn't the crucial part simply the use of RTLD_GLOBAL|RTLD_NOW as the mode in dlopen? If that is the case, then that's what I will use as a fix for now (since I need to be backward compatible with older versions of pam), and not do the -lpam when I build. One comment on your CONFIRM_PAM_FUNCTION macro. Why not just go all the way: #define GENERATE_PAM_FUNCTION(x, y, z, p, err) \ y x { \ static y (*real_##x) z; union { const void *tpointer; y (*fn) z ; } fptr; \ fptr.tpointer = dlsym(libpam_h, #x); real_##x = fptr.fn; \ if (real_##x == NULL) { \ D(("unable to resolve '" #x "': %s", dlerror())); \ return err; \ } \ return real_##x p; \ } GENERATE_PAM_FUNCTION(pam_start, int, (const char *sn, const char *user, const struct pam_conv *conv, pam_handle_t **pamh), (sn, user, conv, pamh), PAM_ABORT) GENERATE_PAM_FUNCTION(pam_end, int, (pam_handle_t *pamh, int pam_status), (pamh, pam_status), PAM_ABORT) ... etc. ;-) Thanks for the tip. Mark.
