PAM and getpwnam [ struct passwd getpwnam(const char name) ]

Thu Aug 16 10:17:16 EST 2001

On Wed, 15 Aug 2001 erik at math.uu.se wrote:

> Hello!
> 
> I use a PAM-module (pam_ncp_auth from ncpfs) for authentication against a
> netware server.
> 
> pam_ncp_auth can create local UNIX user accounts from information in NDS,
> and it works perfect with login, gdm and telnet. But not with openssh (2.5
> and 2.9).

This query has come up in various forms a couple of times. My position is 
that, if you want to use alternate stores of account information, you 
should emulate the standard Unix APIs for accessing them.

This means that your NDS must implement getpwnam, getpwuid, etc. Typically
this is done through nsswitch libraries.

PAM is an authentication API, it shouldn't try to be a "authentication and 
fiddle with account information" API.

-d

-- 
| Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's 
| http://www.mindrot.org          /   distributed filesystem'' - Dan Geer

PAM and getpwnam [ struct passwd *getpwnam(const char * name) ]

PAM and getpwnam [ struct passwd getpwnam(const char name) ]