[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PAM awareness

From: Brian Murphy
Subject: Re: PAM awareness
Date: Thu, 17 Jun 2004 15:06:42 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040413 Debian/1.6-5

Scott C. Lohr wrote:


This may have been modified already and I'm not the most savvy c programmer but 
I was trying to get PAM working using the access.conf restrictions and out of 
the box version cvs-1.12.9 didn't work just right. The following modifications 
have done the trick in the server.c file.

I added the following to "check_system_password (char *username, char 

        * slohr Wed Jun 16 14:03:17 PDT 2004
        * Modified to be even more "PAM Aware" since modules like
        * pam_group and pam_time require the tty to be set and the
        * username to be accessible. For some reason the username
        * was not readily available so I've explicitly added the
        * item.
   if (retval == PAM_SUCCESS)
       retval = pam_set_item (pamh, PAM_TTY, "cvs");

   if (retval == PAM_SUCCESS)
               pam_set_item (pamh, PAM_USER, username);
       /*end slohr changes*/


This is not enough, I have a patch which adds pam session management functionality so that things set by pam modules are set in the running session (for example
extra groups)

The patch is here:


reply via email to

[Prev in Thread] Current Thread [Next in Thread]