Greetings, I'm trying to find an equivelant functionality of doing a fork() and exec() at the end of the PAM stack. I have a setup involving several authentication servers, and upon the successful query against the main server, a caching server needs to be updated with new username/password info. The caching server is used as a primary authentication, and the module after that is used for timely user/pass info. When the caching server fails, and the last server succeeds, I need to run some kind of script that would update the caching server password, along with another Samba server PDC passwd database. Has anyone ever created a module that does something similar to this, essencially being able to "do my special stuff" after a login succeeds? I realize that this really only requires like 3 lines of code to fork and exec, but what about security implications? My thought, is that there must be *someone* out there that has wanted functionality like this, but there must be some other major security flaw with running a shell/perl script from the PAM library level... possibly as root. Any thoughts? Thanks, Cal Heldenbrand __________________________________ Do you Yahoo!? Yahoo! Finance: Get your refund fast by filing online. http://taxes.yahoo.com/filing.html _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
