[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PAM in cvs 1.11

From: Brian Murphy
Subject: Re: PAM in cvs 1.11
Date: Fri, 08 Apr 2005 17:25:28 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040413 Debian/1.6-5

Yves Dorfsman wrote:


I am on a site where they are changing the way the OS is authenticating
users, moving away from NIS to LDAP. My understanding is that the only way
to get CVS working in pserver mode in that case is to use PAM.

PAM is supported in CVS 1.12, but this customer does not want to run a
non-release version of a software.

From what I can see, it should be relatively easy to put the piece that
deals with PAM from 1.12 and put it in 1.11, and my next step is to try to
do that (copying the relevant pieces in src/server from 1.12 to 1.11). A
few questions:

1) Has anybody else done this already (so that we don't waste our time
re-inventing the wheel) ?

I did this originally when I wrote my initial PAM patch. It did not have complete support
(session support missing). It should be easy to find on this list.

All the PAM code is surrounded by HAVE_PAM defines and was committed in few
(3-4) patches so it should be possible to port this in a few hours. The authentication support is contained in new functions so can easily just be copied. Session support is added to switch_to_user and is mixed up with other code this is the most critical because order is important here if you want it to work. Then "server" contains some
code which shuts down the pam session and cleans up.

There is also the configure script but you will probably just want to hard code HAVE_PAM
in your version...


reply via email to

[Prev in Thread] Current Thread [Next in Thread]