So, if I fetch a pam_handle in my process, but say I call fork() a
separate process to call pam_authenticate() and handle the ensuing
conversation then will I have a similar problem? Will the pam_handle
owned by the parent process now be "out of date"?
thanks, Brent
On Tue, Jan 06, 2004 at 02:32:28PM -0700, Brent McClure wrote:
> Is it necessary to preserve the same pam_handle across
> multiple calls to the various pam_* functions, or is it
> OK to fetch a new pam_handle by calling pam_start() whenever
> one is needed? Is there some state that is lost by doing
> this?
> So, for example is the following code actually OK, or would
> the same 'pamh' instance need to be preserved across all of the
> calls to pam_authenticate, pam_acct_mgmt, etc?
There is definitely state that's lost by doing what you suggest.
--
Steve Langasek
postmodern programmer
> func1()
> {
> pam_handle_t *pamh = 0;
> pam_start("myapp", 0, &conv, &pamh);
> pam_authenticate(pamh, 0);
> pam_end(pamh);
> }
>
> func2()
> {
> pam_handle_t *pamh = 0;
> pam_start("myapp", 0, &conv, &pamh);
> pam_acct_mgmt(pamh, 0);
> pam_end(pamh);
> }
>
> func3()
> {
> pam_handle_t *pamh = 0;
> pam_start("myapp", 0, &conv, &pamh);
> pam_open_session(pamh)
> pam_end(pamh);
> }
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
