Re: rename user via PAM module?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2011-06-14 at 18:49 +0200, Riccardo Murri wrote: 
> Hello,
> 
> Is there a PAM module to remap the username according to some simple
> configuration file?  I'm thinking of reading a simple plaintext file:
> 
>   string1: string2
> 
> and would set PAM_USER to "string2" if it was "string1".  My reading
> of the PAM module interface docs are that this case is supported but I
> cannot find any module implementing this.
> 
> Background: I'd like to use an LDAP directory as auth backend for some
> Linux hosts via the PAM LDAP module, but the "uid" attributes in the
> LDAP are rather awkward (a single letter + randomly generated
> six-digit number) so I would like people to be able to use their
> preferred account name for logging in.
> 
> I know I can use an arbitrary LDAP attribute for mapping, but I cannot
> write to the LDAP database and there is no such field currently. ("sn"
> has clashes)
> 
> Many thanks in advance for any hint!

There is no such module currently. Also there is a problem that some
applications/services that call the PAM library do not work correctly in
this situation. Typical example is the OpenSSH sshd that ignores the
PAM_USER changes made by modules. 

-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list


[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux