[nylug-talk] Pam modules and usernames

[Peter C. Norton]

Usually solving pam problems mean making the specific pam stack
involved.

Various pam modules have different requirements about what will be
seen as kosher and what won't. 

Can you post the pam stack that you're using to the list?

-Peter

On Tue, May 30, 2006 at 07:32:56AM -0400, Stephen Tihor wrote:
> I have been doing some PAM work under older Unix systems and was just 
> porting a modules to SLES9, when I observed that if the username a 
> user enters does not appear in /etc/passwd (or the virtual 
> /etc/passwd NSS generates) then the conversation function does not 
> prompt for a password - but instead returns a fixed odd string (a 
> couple of control characters and "INVALID").     I was able to 
> duplicate this effect under telnet and ssh even with a simple module 
> that just read in and logged the password entered, or at least tried 
> to read one in :( .
> 
> 
> (Now under normal circumstances my module will take username and 
> password string, deetermine authentication and set PAM_USERNAME to a 
> legal value before its done with the first (authentication) call but 
> I am wondering if there is something going on in login.c or elsewhere 
> that I am just plain missing?
> _____________________________________________________________________________
> Hire expert Linux talent by posting jobs here :: http://jobs.nylug.org
> The nylug-talk mailing list is at nylug-talk at nylug.org
> The list archive is at http://nylug.org/pipermail/nylug-talk
> To subscribe or unsubscribe: http://nylug.org/mailman/listinfo/nylug-talk

-- 
The 5 year plan:
In five years we'll make up another plan.
Or just re-use this one.