[nylug-talk] Pam modules and usernames
Stephen Tihor
Tue May 30 07:32:56 EDT 2006
I have been doing some PAM work under older Unix systems and was just
porting a modules to SLES9, when I observed that if the username a
user enters does not appear in /etc/passwd (or the virtual
/etc/passwd NSS generates) then the conversation function does not
prompt for a password - but instead returns a fixed odd string (a
couple of control characters and "INVALID"). I was able to
duplicate this effect under telnet and ssh even with a simple module
that just read in and logged the password entered, or at least tried
to read one in :( .
(Now under normal circumstances my module will take username and
password string, deetermine authentication and set PAM_USERNAME to a
legal value before its done with the first (authentication) call but
I am wondering if there is something going on in login.c or elsewhere
that I am just plain missing?
More information about the nylug-talk
mailing list