--On Wednesday, October 06, 2004 11:44 AM -0700 Jed Donnelley <jed@xxxxxxxxx> wrote:
Puzzled, I looked at mod_auth_pam.c (1.1.1) and found:
418: pwent = getpwnam(r->connection->user); and 464: if ((grent = getgrnam (groupname)) && grent->gr_mem) {
My copy says "#define VERSION "2.0-1.1" and has only 412 lines. The tarball name claims version 1.1.1, found here:
<http://pam.sourceforge.net/mod_auth_pam/>
Where did you pull your copy from?
The same. I'm referring to the 1.3 version, 1.1.1. I just pulled down the 2.0-1.1.1
version and took a look. It looks quite different. I do see:
#include <pwd.h> /* for getpwnam et.al. */ #include <grp.h> /* for getpwnam et.al. */
but then I don't see any calls to getpwnam or to getgrnam. Perhaps the version for
Apache 2.x fixes this problem? I'd be willing to give it a try, though I may not get
to it for a week or so.
I do see lines like that in mod_auth_sys_group.c, which is compiled into a separate module.
I think that may be unavoidable due to the lack of a PAM configuration/interface
for group lookup. Well, the call to getgrnam anyway. Do you see a call to getpwnam?
That might cause a problem, but perhaps the best way to check would be to try it out.
--Jed http://www.nersc.gov/~jed/
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
