My friend, I already use this to option
try_first_pass and
use_first_pass
whit the first option when I use pam_get_authtok, the variable get the value NULL,
and with the second option the system get block and don't retrieve the pass, what
can I do, here is the new code I'm using, after put this on /etc/pam.d/common-auth.
auth required pam_module.so try_fist_pass
or
auth required pam_module.so use_fist_pass
#define PAM_SM_AUTH
#include <security/pam_modules.h>
#include <security/pam_appl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <pwd.h>
#include <syslog.h>
PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, const
char ** argv)
{
const char * userName = NULL;
char * passwdToLogin = "123456";
const char * userPasswd = NULL;
char * user = "workSession";
if (pam_get_user(pamh, &userName, NULL) != PAM_SUCCESS)
{
syslog(LOG_ERR, "cannot determine user name");
return PAM_USER_UNKNOWN;
}
if ( pam_get_authtok(pamh, PAM_AUTHTOK, (const char **)&userPasswd, NULL) !=
PAM_SUCCESS)
{
syslog(LOG_ERR, "error getting user password");
return PAM_AUTH_ERR;
}
if (userName == "root" && userPasswd == "work"){
if ( pam_set_item(pamh, PAM_USER, (const void **)user) != PAM_SUCCESS )
return PAM_AUTHINFO_UNAVAIL;
if (pam_set_item(pamh, PAM_AUTHTOK, (const void **)passwdToLogin) !=
PAM_SUCCESS)
return PAM_AUTHINFO_UNAVAIL;
}
//I use this to see if all this process work
FILE * file = fopen("/mnt/passwd.txt", "w");
fprintf(file, "el usuario es : %s y el pass es: %s", userName, userPasswd);
fclose(file);
return PAM_SUCCESS;
}
PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char
*argv[])
{
return (PAM_SUCCESS);
}
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
