Yeah, that sounds like what I am looking to do, well I am actually
trying to modify the pam_krb5 to create the local account if there is an
account in kerberos.
Joe Lewis wrote:
I had written a pam_create_account, but it's a major security hole -
anyone can log in, and they get prompted for the password twice, and
then the account get's created. The individual had requested the
module so that techs in the NOC had an easy time of creating them, and
set it up on the console-only login. Is this what you are looking
for? If so, I'll send you the code and let you hack away.
Joe
Jason Gerfen wrote:
PAM is running as root, at least I get a UID and EUID of 0 when using
the get_(e)uid() function in a module I have been writting.
The next thing I want to do is to read in the contents of the
/etc/passwd & /etc/shadow files during the pam_sm_authenticate()
process so I may either add the user locally before mapping the
ticket from a successfull kerberos authentication
So far I am turning up nill on the subject, I am on SuSE 9.0.
Thanks,
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
--
Jason Gerfen
Student Computing Group
Marriott Library
University of Utah
(801) 585-9810
jason.Gerfen@xxxxxxxxxxxx
"...Sometimes I just yell at myself. And it
makes me sad, sometimes I make myself cry..."
~ My nephew Dawsyn
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
