On 15.01.2009 22:38, Sascha Ochsenknecht wrote:
Hi,
I would like to execute a command whenever somebody tries to login on a
machine. The command should have following information (via env or
something else):
a) username
b) login successful / login failed
c) if failed -> why? (password wrong or non-existing username)
Generally speaking, that information is written into syslog by majority of
modules designed for authentication in the case of login failure.
I played a bit with pam_exec, but I'm not sure how to pass the
information to the command specified with the pam_exec module. I know
that I can get the username from the env PAM_USER. But the other
information?
Login success/failure status becomes known only after auth stack is through with
it's job and only to the calling application. In addition, login failure may be
caused with account stack. So there is no way to accomplish what you want.
--
Sincerely Your, Dan.
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list