Re: pam_unix, pam_putenv() and pam_getenv()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Steve Langasek wrote:
> On Mon, Aug 03, 2009 at 02:01:07PM -0600, Jason Gerfen wrote:
>> After a bit of researching I would like to clarify that utilizing the
>> pam_putenv() function would allow me to pass a UID/GID pair to the
>> pam_unix authentication module as long as the pam_unix module utilizes
>> the pam_getenv() function to recognize a valid UID/GID pair vs utilizing
>> the getpwnam() function.
> The pam_putenv()/pam_getenv() functions are used to set "environment"
> variables related to the PAM session, primarily with the expectation that
> these values will be exported to the process environment at the start of the
> PAM session by the service.
> There is no way in which pam_unix would look at the PAM environment for
> UID/GID values (nor should it).
Thats all I needed to know is that it shouldn't. I am assuming here but
I suppose it was decided that UID/GID information would be verified
using getnent functionality vs. passing this information along within
the pam stack such as nss_ldap correct?


"Tomorrow isn't promised so we live for today"

Pam-list mailing list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux