Re: PAM awareness

bug-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PAM awareness

From:	Brian Murphy
Subject:	Re: PAM awareness
Date:	Thu, 17 Jun 2004 15:06:42 +0200
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040413 Debian/1.6-5

Scott C. Lohr wrote:

Hello,

This may have been modified already and I'm not the most savvy c programmer but 
I was trying to get PAM working using the access.conf restrictions and out of 
the box version cvs-1.12.9 didn't work just right. The following modifications 
have done the trick in the server.c file.

I added the following to "check_system_password (char *username, char 
*password)"

       /*
        * slohr Wed Jun 16 14:03:17 PDT 2004
        *
        * Modified to be even more "PAM Aware" since modules like
        * pam_group and pam_time require the tty to be set and the
        * username to be accessible. For some reason the username
        * was not readily available so I've explicitly added the
        * item.
        *
        */
   if (retval == PAM_SUCCESS)
       {
       retval = pam_set_item (pamh, PAM_TTY, "cvs");
   }

   if (retval == PAM_SUCCESS)
       {
               pam_set_item (pamh, PAM_USER, username);
   }
       /*end slohr changes*/

Thanks!
Scott

This is not enough, I have a patch which adds pam session managementfunctionalityso that things set by pam modules are set in the running session (forexample

extra groups)

The patch is here:
http://lists.gnu.org/archive/html/bug-cvs/2003-10/msg00307.html

/Brian

[Prev in Thread]

Current Thread

[Next in Thread]

PAM awareness, Scott C. Lohr, 2004/06/16
- Re: PAM awareness, Brian Murphy <=
  - Re: PAM awareness, Derek Robert Price, 2004/06/25
    - Re: PAM awareness, Brian Murphy, 2004/06/26

Prev by Date: PAM awareness
Next by Date: Out of Office AutoReply: Mail Delivery (failure address@hidden)
Previous by thread: PAM awareness
Next by thread: Re: PAM awareness
Index(es):
- Date
- Thread