Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Richter, Jörg (Joerg.Richterpdv-FS.de)
Date: Wed Mar 07 2007 - 03:11:01 CST
My goal is to start processes for some users and query them for the password. But the password query should pop up as a gui dialog.
The straight forward way is to write a new application that uses PAM with a conversation function that uses the gui dialog to query the password. So far so good. But now I have to provide a new application for every service I want to offer, like rexec or su. I think this is not the right way.
My next idea was to write a PAM module that queries the password with a gui dialog. But as far as I understand it, only the conversation function provider (application) can query passwords. If the application decides to query passwords from the shell, the module can't change this.
Or is it possible to change the conversation function within a module and let the next module (like pam_unix) call this new function to query the password? Then I could use all standard PAM programs to use my gui password dialog. But this looks not clean to me either.
So I'm not sure how to solve this problem the PAM-way. I think there must be a clean solution, without rewriting all applications like rexec/su/login.
Is there anything I overlooked?
Pam-list mailing list