PAM based filter
- From: DC <dc dcarr org>
- To: gdm sunsite dk
- Subject: PAM based filter
- Date: Tue, 05 Aug 2003 17:13:03 -0500
I've tried this but was unsucessful. Have a look at this:
/* pam_permit module */
/*
* $Id: pam_permit.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
*
* Written by Andrew Morgan <morgan parc power net> 1996/3/11
*
*/
#define DEFAULT_USER "david"
#include <stdio.h>
/*
* here, we make definitions for the externally accessible functions
* in this file (these definitions are required for static modules
* but strongly encouraged generally) they are used to instruct the
* modules include file to define their prototypes.
*/
#define PAM_SM_AUTH
#define PAM_SM_ACCOUNT
#define PAM_SM_SESSION
#define PAM_SM_PASSWORD
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
/* --- authentication management functions --- */
PAM_EXTERN
int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
,const char **argv)
{
int retval;
const char *user=NULL;
/*
* authentication requires we know who the user wants to be
*/
/*retval = pam_get_user(pamh, &user, NULL);
if (retval != PAM_SUCCESS) {
D(("get user returned error: %s", pam_strerror(pamh,retval)));
return retval;
}
if (user == NULL || *user == '\0') {
D(("username not known"));
pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);
//}
//user = NULL; */ /* clean
up */
D(("username not known"));
pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);
return PAM_SUCCESS;
}
PAM_EXTERN
int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
,const char **argv)
{
D(("username not known"));
pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);
return PAM_SUCCESS;
}
/* --- account management functions --- */
PAM_EXTERN
int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc
,const char **argv)
{
D(("username not known"));
pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);
return PAM_SUCCESS;
}
/* --- password management --- */
PAM_EXTERN
int pam_sm_chauthtok(pam_handle_t *pamh,int flags,int argc
,const char **argv)
{
D(("username not known"));
pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);
return PAM_SUCCESS;
}
/* --- session management --- */
PAM_EXTERN
int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc
,const char **argv)
{
D(("username not known"));
pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);
return PAM_SUCCESS;
}
PAM_EXTERN
int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc
,const char **argv)
{
return PAM_SUCCESS;
}
/* end of module definition */
#ifdef PAM_STATIC
/* static module data */
struct pam_module _pam_permit_modstruct = {
"pam_chuser",
pam_sm_authenticate,
pam_sm_setcred,
pam_sm_acct_mgmt,
pam_sm_open_session,
pam_sm_close_session,
pam_sm_chauthtok
};
#endif
and my gdm pam config
#%PAM-1.0
auth required pam_env.so
auth required pam_chuser.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_chuser.so
account required pam_stack.so service=system-auth
password required pam_chuser.so
password required pam_stack.so service=system-auth
session required pam_chuser.so
#session required pam_stack.so service=system-auth
session optional pam_console.so
Thanks for your time,
-David Carr
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
