|
| From: | Brian Murphy |
| Subject: | Re: PAM in cvs 1.11 |
| Date: | Fri, 08 Apr 2005 17:25:28 +0200 |
| User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040413 Debian/1.6-5 |
Yves Dorfsman wrote:
I did this originally when I wrote my initial PAM patch. It did not have complete supportHi, I am on a site where they are changing the way the OS is authenticating users, moving away from NIS to LDAP. My understanding is that the only way to get CVS working in pserver mode in that case is to use PAM. PAM is supported in CVS 1.12, but this customer does not want to run a non-release version of a software.From what I can see, it should be relatively easy to put the piece thatdeals with PAM from 1.12 and put it in 1.11, and my next step is to try to do that (copying the relevant pieces in src/server from 1.12 to 1.11). A few questions: 1) Has anybody else done this already (so that we don't waste our time re-inventing the wheel) ?
(session support missing). It should be easy to find on this list. All the PAM code is surrounded by HAVE_PAM defines and was committed in few(3-4) patches so it should be possible to port this in a few hours. The authentication support is contained in new functions so can easily just be copied. Session support is added to switch_to_user and is mixed up with other code this is the most critical because order is important here if you want it to work. Then "server" contains some
code which shuts down the pam session and cleans up.There is also the configure script but you will probably just want to hard code HAVE_PAM
in your version... /Brian
| [Prev in Thread] | Current Thread | [Next in Thread] |