Re: pam_unix, pam_putenv() and pam_getenv()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Tue, Aug 04, 2009 at 10:27:40AM -0600, Jason Gerfen wrote:
> > There is no way in which pam_unix would look at the PAM environment for
> > UID/GID values (nor should it).

> Thats all I needed to know is that it shouldn't. I am assuming here but
> I suppose it was decided that UID/GID information would be verified
> using getnent functionality vs. passing this information along within
> the pam stack such as nss_ldap correct?

Nothing in PAM "verifies" uids or gids.  The NSS libc interfaces provide the
authoritative maps between user/group names an u/gids.

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                          
slangasek@xxxxxxxxxx                                     vorlon@xxxxxxxxxx

Pam-list mailing list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux