Nate Yocom pinned it. If you don't run it as root, it can't read the /etc/shadow file. period. Obviously, it won't have access to it, so it can't establish the authentication credentials.
I'm afraid you have to worry about security and be root at some point, in order for the application to successfully "login".
Hm, but how does PAM then authenticate myself, in my 'pamtest' when username and logname is identical?
It does ask for the password, and the authentication fails when I give a false one, so it must know my correct password from /etc/shadow, or from where else?
But if you are right, I will probably write a separate little 'login' application - or use the existing /bin/login, if possible - as external utility called from my database application, instead of having to make the whole big beast 'setuid root'
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
