Steve Langasek wrote: > On Mon, Aug 03, 2009 at 02:01:07PM -0600, Jason Gerfen wrote: >> After a bit of researching I would like to clarify that utilizing the >> pam_putenv() function would allow me to pass a UID/GID pair to the >> pam_unix authentication module as long as the pam_unix module utilizes >> the pam_getenv() function to recognize a valid UID/GID pair vs utilizing >> the getpwnam() function. > > The pam_putenv()/pam_getenv() functions are used to set "environment" > variables related to the PAM session, primarily with the expectation that > these values will be exported to the process environment at the start of the > PAM session by the service. > > There is no way in which pam_unix would look at the PAM environment for > UID/GID values (nor should it). > Thats all I needed to know is that it shouldn't. I am assuming here but I suppose it was decided that UID/GID information would be verified using getnent functionality vs. passing this information along within the pam stack such as nss_ldap correct? -- Jas "Tomorrow isn't promised so we live for today" _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
