Hi,
I am running Ubuntu.
I am writing an executable that pam_exec will call in "session" mode.
It will respond to session open/close events. It is almost completely
working. This morning I was testing it using "su" and it was doing
what i expected. I then started ssh-ing to the machine. That's when
things became puzzling.
if I "su" while on the machine the PAM_TTY environment variable is
indeed a TTY string and is unique to the "session". However, if I
treat "ssh" like "su" and try to ssh to a different user on the same
machine, ex:
$ ssh otherUser@xxxxxxxxxxxxxxxx
then the PAM_TTY variable just shows "ssh". If I were logged in
multiple times then all would appear to be on the same "line", so to
speak.
This does make sense I suppose. The "su" continues to use the tty of
the caller. The "ssh" will eventually have a new tty. I am calling
my PAM_EXEC's program very late in the session stack so I assumed that
a tty would be available.
Since the tty is not available, is there a unique session identifier
that I can use? I have not seen mention of one.
Seven
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
