Hello, I have a question on my first PAM-aware application, and the web has not yielded the knowledge I need. I need to write an authentication function that will be called from an external program. The function needs to take username & pass as arguments and return 0 or 1. When I first did this for DG-UX I had to resort to the old hash-password-and-compare-to-getpwnam() method, but since we've moved to Linux I figure I should/need to do this through PAM. So far I've built the reference program [0], but am trying to figure out how to pass pam_authenticate() the password instead of having it ask for it - this has to be completely non-interactive and produce no output. From the small amount of examples and references I've found [1], I *think* I need to write a new conversation function and pass that to pam_start(), but I haven't figured out the propper syntax to do that [2]. Any help is appreciated. Thanks, -will [0] http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam_appl-8.html [1] http://www.freebsd.org/doc/en_US.ISO8859-1/articles/pam/index.html [2] This was what I tried after merging [1] into [0], which doesn't work: static struct pam_conv conv = { misc_conv, NULL }; int static_conv(int n, const struct pam_message **msg, struct pam_response **resp, void *data) { struct pam_response *aresp; int i; if (n <= 0 || n > PAM_MAX_NUM_MSG) return (PAM_CONV_ERR); if ((aresp = calloc(n, sizeof *aresp)) == NULL) return (PAM_BUF_ERR); for (i = 0; i < n; ++i) { aresp[i].resp_retcode = 0; aresp[i].resp = "myActualSecretPass"; } *resp = aresp; return (PAM_SUCCESS); } int main(int argc, char *argv[]) { ..... conv.conv = &static_conv; retval = pam_start("test", user, &conv, &pamh); ..... } -- ---------Will McDonald-----------------will@xxxxxxxxxxxxxxxxxxxxxxxxx GPG encrypted mail preferred. Join the web-o-trust! Key ID: F4332B28 _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
