Hi,
I am using pam_winbind to login into GNOME with GDM, with AD user and
password. I have modified /etc/pam.d/gdm config file such that it allows
me to change the AD user password if it expires.
My question is how to obtain the new password in a modules down the
stack. I want to use the new password in my module (similar to pam_mount) to mount some of my shares. But I am not able to access the
new password and my mount is failing.
The gdm pam config file is something like this:
#%PAM-1.0 auth required my_pam_mount.so auth optional pam_krb5.so use_first_pass creds auth sufficient pam_unix2.so use_first_pass nullok #set_secrpc auth required pam_winbind.so use_first_pass use_authtok account sufficient pam_unix2.so account required pam_winbind.so password sufficient pam_unix2.so use_authtok #strict=false password required pam_winbind.so use_authtok session required pam_unix2.so # trace or none session required pam_mkhomedir.so skel=/etc/skel umask=0022 session optional my_mount_conf.so session required pam_devperm.so debug audit session optional pam_console.so debug audit
Under password section, the expired password is changed. And under session section, I would like to obtain new password in my_pam_mount.so module and use it.
I am doing pam_get_item (pamh, PAM_AUTHTOK, ...), but it does not give me any password.
Any ideas, tips ?
Regards, Narayana
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list