pam modules and setuid actions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



I am very close to finishing a pam module that will log specific user
session activities to a database.  There could be situations though in
which the primary, remote DB is unavailable so I want to create a
local "cache" of loggable events.  Once remote DB access is regained I
will upload the cache records and be very happy.  There is an issue

I want the cache to live in protected space.  I would like to open the
cache as "root" or some other dedicated user.  I do not want the
general public to inspect or edit the cache.  I have just tried
wrapping the cache "open" in setuid calls but that has not worked.  I
am using "su" as my testing tool but even though the "su" executable
is setuid by default the open section fails.

Is there a general PAM related solution to this?


Pam-list mailing list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux