New PAM code landing (at last)
Frank Cusack
fcusack at fcusack.com
Sun May 11 19:26:06 EST 2003
On Sun, May 11, 2003 at 08:29:28AM +0100, James Williamson wrote:
> I've scanned the code and the PAM stuff is actually broken despite the
> privileges.
> The credentials stage is actually called after the session stage which runs
> contra
> to what the linux pam docs specify (i.e. it should be done before).
What is the credentials stage? pam_setcred()?
Both the the Sun docs (Solaris 9_u2):
The pam_setcred() function is used to establish, modify, or
delete user credentials. It is typically called after the
user has been authenticated and after a session has been
opened.
and the Linux-PAM docs (Linux-PAM-0.72):
This function is used to set the module-specific credentials of the
user. It is usually called after the user has been authenticated,
after the account management function has been called and after a
session has been opened for the user.
say that you call this after pam_open_session().
/fc
More information about the openssh-unix-dev
mailing list