My friend, I already use this to option try_first_pass and use_first_pass whit the first option when I use pam_get_authtok, the variable get the value NULL, and with the second option the system get block and don't retrieve the pass, what can I do, here is the new code I'm using, after put this on /etc/pam.d/common-auth. auth required pam_module.so try_fist_pass or auth required pam_module.so use_fist_pass #define PAM_SM_AUTH #include <security/pam_modules.h> #include <security/pam_appl.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <sys/types.h> #include <pwd.h> #include <syslog.h> PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, const char ** argv) { const char * userName = NULL; char * passwdToLogin = "123456"; const char * userPasswd = NULL; char * user = "workSession"; if (pam_get_user(pamh, &userName, NULL) != PAM_SUCCESS) { syslog(LOG_ERR, "cannot determine user name"); return PAM_USER_UNKNOWN; } if ( pam_get_authtok(pamh, PAM_AUTHTOK, (const char **)&userPasswd, NULL) != PAM_SUCCESS) { syslog(LOG_ERR, "error getting user password"); return PAM_AUTH_ERR; } if (userName == "root" && userPasswd == "work"){ if ( pam_set_item(pamh, PAM_USER, (const void **)user) != PAM_SUCCESS ) return PAM_AUTHINFO_UNAVAIL; if (pam_set_item(pamh, PAM_AUTHTOK, (const void **)passwdToLogin) != PAM_SUCCESS) return PAM_AUTHINFO_UNAVAIL; } //I use this to see if all this process work FILE * file = fopen("/mnt/passwd.txt", "w"); fprintf(file, "el usuario es : %s y el pass es: %s", userName, userPasswd); fclose(file); return PAM_SUCCESS; } PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char *argv[]) { return (PAM_SUCCESS); } _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list