On Thu, 29 May 2003, Florian Verdet wrote: > I'm extending the pam_mysql module and want to fetch HOME and SHELL from a > MySQL db and pass them to the PAM application (login, ssh,...) to use them > accordingly. Why do it from PAM? It's not the right place. You want a plug in to the NSS system calls (particularly for those to passwd, shadow and group)that will allow you to use a mysql database instead of flat files for them. There already is one available and it is VERY good. It's called nss_mysql and you can find all the details here - http://savannah.nongnu.org/projects/nss-mysql You can still use PAM for authentication with it however all getpw* and getgr* calls will be served according you the settings in your /etc/nsswitch.conf file (where you configure the system to use mysql for those lookups). > What I found was, that they fetch the info, which SHELL to execute and > which HOME directory to use, directly by means of the functions you, > Jason, named (getpw*) and therefor (often) directly from /etc/passwd ! > > Is there really no way to do it from a PAM module ??? It's just not the right place to do it. > I think it would be possible to do something like this by writing a new > (or using an existant) nss library... Bingo. See above. Jason Clifford -- UKFSN.ORG Finance Free Software while you surf the 'net http://www.ukfsn.org/ Sign up now _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
