Russell Kliese wrote:
>
> I have been hacking at the pam_mysql code of late trying to make it a
> little more flexible. I would like to put an argument in the pam
> configuration file something like query="select user_name from
> internet_service where user_name='%u' and password=PASSWORD('%p') and
> service='web_proxy'" (where %u is replaced by a username and %p a password).
>
> The problem is that pam seems to want to split this single argument up
> into many arguments (at the spaces). Was this behaviour intended? I am
> using the 0.72- 35 debian packaged pam libs.
Yes, this is the expected behavior.
> Should I be working on a workaround for the pam_mysql module or would it
> be better to have a look at the pam source.
You might have a little more luck if you tried
[user_name='%u' and password=PASSWORD('%p') and service='web_proxy']
This is completely untested by me, right now, but if I recall correctly
it should work.
The reason this may work is actually a little bit of a side-effect of
supporting the alternative format for the control tokens, but I think I
was thinking about this exact need when I coded it N years ago.
I don't know off hand if there is a way to encode '[' or ']' in a module
argument and have the module actually see these characters, but I'd be
very happy for you to play with everything you can along these lines,
report what works/fails and I'll consider it a bug report/feature
request...
Cheers
Andrew
