Patch so that sshd makes use of PAM_USER

Darren J Moffat Darren.Moffat at Sun.COM
Sat Aug 31 04:41:32 EST 2002

On Fri, 30 Aug 2002, Ben Lindstrom wrote:

> Two things off hand.
> 1. Your repeating the code over and over.  Make it a function call.
> 2. Look at openbsd's 'style' page.  As it sits now it would not be
> accepted because it does not follow the correct code format.
> also, one needs to check to see if this is honored by Solaris/hpux or if
> this is a Linux oddity.

This is part of the original PAM spec.  There are no modules shipped by
Sun for Solaris that actually change the PAM_USER but I know it does work
if such a module should be installed.  Since the HP code orginally came
from Sun it should work there as well.

To test this create a PAM module that implements pam_sm_authenticate
and in it use pam_set_item to change the value of PAM_USER.  The change
should be reflected back in the application when it calls pam_get_item.

> On Fri, 30 Aug 2002, Jeremy Ellington wrote:
> >  <<pam_user.patch>>
> > Hello.  I created a patch that causes sshd  to take notice of the value of PAM_USER after calling into the pam_xxx functions.  This makes it possible for a PAM module to effect user mappings by setting the value of PAM_USER with pam_set_item().  If anyone has comments or suggestions, let me know.
> >
> > Thanks,
> > Jeremy
> >
> _______________________________________________
> openssh-unix-dev at mailing list

Darren J Moffat

More information about the openssh-unix-dev mailing list