jason gerfent : PAM and thread

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,
I work with GUI (my application is gdm, it contains main( )) which source code is not approachable. So I only write in pam_pkcs11.c.
Is it possible to use thread out of main( ) program ? 
how did you do? I guess you wrote pthread_create in su for example.

thanks,
Aro

> Date: Wed, 12 Aug 2009 07:25:40 -0600
> From: jason.gerfen@xxxxxxxxxxxx
> To: pam-list@xxxxxxxxxx
> Subject: Re: thread within PAM
>
> Aro RANAIVONDRAMBOLA wrote:
> >
> >
> >
> >
> >
> > Hello,
> > I have to set two authentication method :
> > - first, the main interface asks the user to provide the login. If the user forget his smart card, he has to provide his login and pwd. Otherwise, the user inserts his card and the system discerns the smart card, so ( at the same time ) :
> > - second, we topple over a new interface displaying on the screen " Hello xxxx. Please enter your PIN code " (the system will have retrieve the username xxxx from the card ).
> >
> > I think about using thread to implement both authentication. For example, threadA will deal with the first interface and threadB will run in background and as soon as the user inserts the card, it notify threadA .
> > I looked for the PAM scheme (application - libpam - mymodule.so - pam.d ) and I am asking myself if I can implement thread.
> > I compiled and run the pam_pkcs11.c to see how going about things. I pointed out that, anyway, user has to enter his login then enter his PIN code ( if a card is discerned ) or enter his pwd (if he forgets his card ).
> >
> > the aim of my project : the user must not to enter login, the system have to be able to read the login on the card and display it. And overall, if the user forgets his card, ask him for the login and pwd.
> >
> > My question :
> > - is there someone who used thread in PAM in such situation ?
> >
> I tried to implement a module which utilized threads to create
> child/parent processes and it works, but it created some odd behavior
> within the standard text based login.
>
> I did not test this with a GUI login so you might have better luck there.
>
> One module you may want to take a look at for utilizing a device vs.
> username/password schema is the pam_fprint module located here:
> http://reactivated.net/fprint/wiki/Pam_fprint
>
> It utilizes a secondary library which runs as a service. I think this is
> something you should look into vs. utilizing a forked process within
> your module. The process would be a bit easier to communicate with
> within the pam stack and give you more stable results.
> > Thanks for your help,
> >
> > Aro
> >
> >
> >
> > _________________________________________________________________
> > Avec Windows Live, vous organisez, retouchez et partagez vos photos.
> > http://www.microsoft.com/northafrica/windows/windowslive/products/photo-gallery-edit.aspx
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Pam-list mailing list
> > Pam-list@xxxxxxxxxx
> > https://www.redhat.com/mailman/listinfo/pam-list
>
>
> --
> Jas
>
> "Tomorrow isn't promised so we live for today"
>
> _______________________________________________
> Pam-list mailing list
> Pam-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/pam-list


Partagez vos souvenirs sur le Web avec les personnes de votre choix les personnes de votre choix.
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux