Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
persistent data with Sun pam
From: Young, Keith (keith.youngcsfb.com)
Date: Tue Oct 21 2003 - 11:40:57 CDT
I'm writing a pam module, which needs to run on linux and solaris, to track
failed logins. Similar idea to pam_tally, but different functional spec.
Sadly I'm not aware of a clever method to trap failure of a pam_authenticate()
call, so am approaching this using a similar method to pam_tally: tallying
calls to the auth stack and assuming (potentially incorrectly) authentication
success when pam_acct_mgmt() is called.
I'd like to store tally data in the pam handle, but Sun's pam implementation
does not define PAM_DATA_REPLACE when pam_set_data() is called. Is there a
clever but not-overly-inelegant way to replace data in such a way that the
cleanup routine knows when it is being called from pam_end()? Or am I going
to have to resort to temp files...?
This message is for the named person's use only. It may contain sensitive and
private proprietary or legally privileged information. No confidentiality or
privilege is waived or lost by any mistransmission. If you are not the
intended recipient, please immediately delete it and all copies of it from
your system, destroy any hard copies of it and notify the sender. You must
not, directly or indirectly, use, disclose, distribute, print, or copy any
part of this message if you are not the intended recipient. CREDIT SUISSE
GROUP and each legal entity in the CREDIT SUISSE FIRST BOSTON or CREDIT SUISSE
ASSET MANAGEMENT business units of CREDIT SUISSE FIRST BOSTON reserve the
right to monitor all e-mail communications through its networks. Any views
expressed in this message are those of the individual sender, except where the
message states otherwise and the sender is authorized to state them to be the
views of any such entity.
Unless otherwise stated, any pricing information given in this message is
indicative only, is subject to change and does not constitute an offer to
deal at any price quoted. Any reference to the terms of executed transactions
should be treated as preliminary only and subject to our formal written
Pam-list mailing list