Re: Proper Way for a PAM Module to Add Groups to a User

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


       Let me clarify. The PAM module I'm writing authenticates the
users against an external data source and pulls back a list of remote
groups. I want groups with those same names to be added to the users.

Most of the examples I've seen on pam_group seem to be for adding
certain groups for all users. I don't want things added for all users,
I want it based on what comes back from my external data store.

I'm assuming by the fact that pam_group can add groups to a user,
there should be a pam api for that, but I have not found any
documentation on this. That is what I'm hopefully looking for; what
where that api is.

If there is some way that pam_group can be utilized to map my remote
groups to local groups; that could also work. However, even then, I
assume there is someway I need to make pam_group aware of the groups
coming back from my pam module.


On Sat, Oct 1, 2016 at 11:49 AM, Thorsten Kukuk <kukuk@xxxxxxx> wrote:
> Hi,
> On Sat, Oct 01, Douglas Logan wrote:
>> Hello,
>>        I'm trying to create a PAM module. I've had no problem with the
>> standard authentication portion and have that working based on some
>> samples I was able to find.
>> However, I'm having a difficult time finding an example on how I'm
>> supposed to add additional groups to a user during PAM login.
> There is already a module which is doing this: pam_group.
>   Thorsten
> --
> Thorsten Kukuk, Senior Architect SLES & Common Code Base
> SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany
> GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
> _______________________________________________
> Pam-list mailing list
> Pam-list@xxxxxxxxxx

Pam-list mailing list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux