On 13.10.2009 0:26, Julian Bui wrote:
Hi all,
I'm trying to figure out the options that PAM uses.
One option that caught my eye is the slot number option found in
pam_pkcs11.conf, since this sounds like it could possibly help me map
devices to session logins on a multi-seat desktop.
Anyway, the documentation reads: "
slot_num=<nr>
Slot-number to use: 1 for the first, 2 for the second and so on. The
default value is 0, which means to use the first slot with an
available token."
I am confused as to what the slots are. This documentation/description
may seem obvious to you guys, but I do not know what it means. I am
having trouble understanding the hardware setup and the
scenario/usecase. Is this for multiple security devices (like 3 smart
card readers, for example) ? Maybe slot_num=2 means it uses the CAC
card in card reader #2 for the login? Why would this be useful? How do
you assign IDs to the devices? Maybe I'm completely misinterpreting
this option.
First of all, the 'slot=' parameter, you meantioned, is global, IOW, it is the
same for ALL login instances, thus it isn't helpful for multi-seat
installations. From the excerpt, you provided, it's clear, that the 'slot='
parameter is the number of token device to use for logging the user in. The
number of the particular device depends on the bus scanning order.
--
Sincerely Your, Dan.
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list