Re: PAM Slot numbers - trouble understanding the scenario

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On 13.10.2009 0:26, Julian Bui wrote:
Hi all,

I'm trying to figure out the options that PAM uses.

One option that caught my eye is the slot number option found in
pam_pkcs11.conf, since this sounds like it could possibly help me map
devices to session logins on a multi-seat desktop.

Anyway, the documentation reads: "

    Slot-number to use: 1 for the first, 2 for the second and so on. The
    default value is 0, which means to use the first slot with an
    available token."

I am confused as to what the slots are.  This documentation/description
may seem obvious to you guys, but I do not know what it means.  I am
having trouble understanding the hardware setup and the
scenario/usecase.  Is this for multiple security devices (like 3 smart
card readers, for example) ?  Maybe slot_num=2 means it uses the CAC
card in card reader #2 for the login?  Why would this be useful?  How do
you assign IDs to the devices?  Maybe I'm completely misinterpreting
this option.

First of all, the 'slot=' parameter, you meantioned, is global, IOW, it is the same for ALL login instances, thus it isn't helpful for multi-seat installations. From the excerpt, you provided, it's clear, that the 'slot=' parameter is the number of token device to use for logging the user in. The number of the particular device depends on the bus scanning order.

Sincerely Your, Dan.

Pam-list mailing list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux