Re: Checking if PAM is used by login

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I don't follow you. PAM is not a service but a library (with plugins in
the form of shared objects - .so files). You don't simply disable PAM.
Take the /bin/login program - it is used for login at the console. Try to
run ldd /bin/login and see that this program is linked with libpam.so.
Then check /etc/pam.d/login to see how login is using PAM.

on the other hand sshd could stop PAM authentication due to a configuration change. The library would still be linked in, but its code would no longer be executed. (The same could happen with apache and other programs.)

You could configure a logging module into the PAM stack. Some 10 years ago I wrote such a module to debug PAM problems. The module is still available via http://www.rz.uni-hohenheim.de/~schaefer/linux/pam/index.html. But it probably won't compile out of the box since it was only tested with Linux distributions that have long since passed away.


Tobias
--

  Tobias Schaefer				Phone	07071-9457-406
  science + computing ag			FAX	07071-9457-411
  Hagellocher Weg 73
  D-72070 Tuebingen     Email: T.Schaefer@xxxxxxxxxxxxxxxxxxxx
        WWW:  http://www.science-computing.de/
--
Vorstand/Board of Management:
Dr. Bernd Finkbeiner, Dr. Florian Geyer,
Dr. Roland Niemeier, Dr. Arno Steitz, Dr. Ingrid Zech
Vorsitzender des Aufsichtsrats/
Chairman of the Supervisory Board:
Prof. Dr. Hanns Ruder
Sitz/Registered Office: Tuebingen
Registergericht/Registration Court: Stuttgart
Registernummer/Commercial Register No.: HRB 382196
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux