Ah, the cleanup hook. I think that would do the trick thanks. I don't think the case where the program dies without the cleanup happening is too much of a problem for me so that could be the answer, thanks.
I'll make some changes to the code and run the tests again and then make a release. Thanks for the help.
Here you go: http://hexten.net/sw/pam_abl/index.mhtml
I couldn't get the cleanup hook to work exactly as expected - no matter whether authentication had failed it always seems to get PAM_SUCCESS. As suggested I'm now using the pam_sm_setcred hook to indicated that authentication has succeeded and that's working well, thanks.
-- Andy Armstrong
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
