Thorsten, Let me clarify. The PAM module I'm writing authenticates the users against an external data source and pulls back a list of remote groups. I want groups with those same names to be added to the users. Most of the examples I've seen on pam_group seem to be for adding certain groups for all users. I don't want things added for all users, I want it based on what comes back from my external data store. I'm assuming by the fact that pam_group can add groups to a user, there should be a pam api for that, but I have not found any documentation on this. That is what I'm hopefully looking for; what where that api is. If there is some way that pam_group can be utilized to map my remote groups to local groups; that could also work. However, even then, I assume there is someway I need to make pam_group aware of the groups coming back from my pam module. Thanks, Doug On Sat, Oct 1, 2016 at 11:49 AM, Thorsten Kukuk <kukuk@xxxxxxx> wrote: > > Hi, > > On Sat, Oct 01, Douglas Logan wrote: > >> Hello, >> I'm trying to create a PAM module. I've had no problem with the >> standard authentication portion and have that working based on some >> samples I was able to find. >> >> However, I'm having a difficult time finding an example on how I'm >> supposed to add additional groups to a user during PAM login. > > There is already a module which is doing this: pam_group. > > Thorsten > > -- > Thorsten Kukuk, Senior Architect SLES & Common Code Base > SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany > GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) > > _______________________________________________ > Pam-list mailing list > Pam-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/pam-list _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list