altering entered PAM username

DC <dc@xxxxxxxxx> · Tue, 05 Aug 2003 15:48:54 -0500

I'm integrating a linux system into a Novell Environment, unfourtunately 
almost all of the Novell usernames are "firstname lastname" which poses 
a major problem (linux refuses to allow two word usernames).  I use 
pam_ncp_auth for authentication in gdm.  What I want to do is add a 
module early on in the pam stack that will convert in spaces in the 
username to underscores.  I already have the code for the conversion but 
I'm having some trouble with the pam part.  My goal is this: If user 
"David Carr" is entered I want it for all PAM intents and purposes to 
have entered David_Carr.  Here is a quick hack that was not 
successful... I would like to know what else I need to make this work.  
Thanks for your help.

/* pam_permit module */

/*
* $Id: pam_permit.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
*
* Written by Andrew Morgan <morgan@xxxxxxxxxxxxxx> 1996/3/11
*
*/

#define DEFAULT_USER "david"

#include <stdio.h>

/*
* here, we make definitions for the externally accessible functions
* in this file (these definitions are required for static modules
* but strongly encouraged generally) they are used to instruct the
* modules include file to define their prototypes.
*/

#define PAM_SM_AUTH
#define PAM_SM_ACCOUNT
#define PAM_SM_SESSION
#define PAM_SM_PASSWORD

#include <security/pam_modules.h>
#include <security/_pam_macros.h>

/* --- authentication management functions --- */

PAM_EXTERN

int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc

                       ,const char **argv)

{

   int retval;

   const char *user=NULL;

     D(("username not known"));

     pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);

   return PAM_SUCCESS;
}

PAM_EXTERN

int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc

                  ,const char **argv)

{

 D(("username not known"));

 pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);

 return PAM_SUCCESS;

}

/* --- account management functions --- */

PAM_EXTERN

int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc

                    ,const char **argv)

{

 D(("username not known"));

 pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);

 return PAM_SUCCESS;

}

/* --- password management --- */

PAM_EXTERN
int pam_sm_chauthtok(pam_handle_t *pamh,int flags,int argc
                    ,const char **argv)
{
 D(("username not known"));
 pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);
 return PAM_SUCCESS;
}

/* --- session management --- */

PAM_EXTERN
int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc
                       ,const char **argv)
{
 D(("username not known"));
 pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);
 return PAM_SUCCESS;
}

PAM_EXTERN
int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc
                        ,const char **argv)
{
    return PAM_SUCCESS;
}

/* end of module definition */

#ifdef PAM_STATIC

/* static module data */

struct pam_module _pam_permit_modstruct = {
   "pam_chuser",
   pam_sm_authenticate,
   pam_sm_setcred,
   pam_sm_acct_mgmt,
   pam_sm_open_session,
   pam_sm_close_session,
   pam_sm_chauthtok
};

#endif

the pam config file for this service (gdm)
#%PAM-1.0
auth       required     pam_env.so
auth       required     pam_chuser.so
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
account    required     pam_chuser.so
account    required     pam_stack.so service=system-auth
password   required     pam_chuser.so
password   required     pam_stack.so service=system-auth
session    required     pam_chuser.so
#session    required    pam_stack.so service=system-auth
session    optional     pam_console.so

Thanks agian,
-DC

_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list