On Tue, Aug 04, 2009 at 10:27:40AM -0600, Jason Gerfen wrote: > > There is no way in which pam_unix would look at the PAM environment for > > UID/GID values (nor should it). > Thats all I needed to know is that it shouldn't. I am assuming here but > I suppose it was decided that UID/GID information would be verified > using getnent functionality vs. passing this information along within > the pam stack such as nss_ldap correct? Nothing in PAM "verifies" uids or gids. The NSS libc interfaces provide the authoritative maps between user/group names an u/gids. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slangasek@xxxxxxxxxx vorlon@xxxxxxxxxx _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list