OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: Alter user information in PAM auth module

From: Steve Langasek (vorlonnetexpress.net)
Date: Tue Jul 01 2003 - 10:04:20 CDT


On Tue, Jul 01, 2003 at 09:31:54AM -0400, Tim Rhodes wrote:
> Can a PAM auth module, alter the UID/GID after authenticating the user?
> The goal is to map valid users (via LDAP authentication) to a single
> guest user credentials on the service. It looks like namservice switch
> module could, but I'ld like to be able to accomplish this in a PAM
> module that can be applied to only the samba service. Thanks...

The only way to do this with PAM would be if your PAM module, upon
successful authentication, made changes to the configured NSS backend to
address the user id mapping. However, this would tend to be very
fragile, and if your target application is Samba, you're probably better
off using Samba's built-in capabilities for user mapping (i.e., 'force
user = <newuser>').

--
Steve Langasek
postmodern programmer

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/AaL0KN6ufymYLloRAn9iAJ9F0Oig7xx/JTj4ZnxcWvwdeJWZHACgvn3k
owU8m+iD7/cv5p2N8dPMN+o=
=pl1U
-----END PGP SIGNATURE-----

_______________________________________________
Pam-list mailing list
Pam-listredhat.com
https://www.redhat.com/mailman/listinfo/pam-list