Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: Alter user information in PAM auth module

From: Steve Langasek (vorlonnetexpress.net)
Date: Tue Jul 01 2003 - 10:04:20 CDT

On Tue, Jul 01, 2003 at 09:31:54AM -0400, Tim Rhodes wrote:
> Can a PAM auth module, alter the UID/GID after authenticating the user?
> The goal is to map valid users (via LDAP authentication) to a single
> guest user credentials on the service. It looks like namservice switch
> module could, but I'ld like to be able to accomplish this in a PAM
> module that can be applied to only the samba service. Thanks...

The only way to do this with PAM would be if your PAM module, upon
successful authentication, made changes to the configured NSS backend to
address the user id mapping. However, this would tend to be very
fragile, and if your target application is Samba, you're probably better
off using Samba's built-in capabilities for user mapping (i.e., 'force
user = <newuser>').

Steve Langasek
postmodern programmer

Version: GnuPG v1.2.1 (GNU/Linux)


Pam-list mailing list