Hello, I'm using the fork()/execl() combination to run an external executable from within an 'auth' Linux PAM module. Yes I'm aware of the security concerns of running an external apps, but I must call an external program during the auth stage. I'm also checking the executable's exit code using WEXITSTATUS() macro. [If anyone knows of a better approach, please let me know] Now, here's the problem: it behaves inconsistently. On one machine execl() succeeds most of the time, on the other machine it fails every time. The executable is located in the same place on both machines, with identical permissions. Here's the situation in more detail: PAM setup: auth required custom_module.so <-- module calling external app auth sufficient pam_krb5.so <params> auth required pam_unix2.so <params> ... ... ... Machine 1: module is invoked via console login (/etc/pam.d/login), execl() fails every time Machine 2: module is invoked from xdm (/etc/pam.d/xdm), execl() succeeds, UNLESS the user fails his Kerberos password. At this point something happens that makes execl() call fail on subsequent logins. I must restart the login manager to get the functionality back, again until one of the users fails his Kerberos password. So, why the inconsistency between machines? And in the latter case, what is it that causes this behavior? Thanks in advance. _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list