[RFC][PATCH] Detect and handle PAM changing user name
Ed Maste
emaste at phaedrus.sandvine.ca
Sat May 26 00:58:08 EST 2007
On Fri, May 25, 2007 at 08:24:13AM +1000, Darren Tucker wrote:
> James R. Leu wrote:
> > I've implemented a patch to openssh which allows the PAM auth layer
> > to detect if the PAM stack has changed the user name and then adjusts
> > its internal data structures accordingly. (imagine a PAM stack that
> > uses individual credentials to authenticate, but assigns the user to
> > a role account).
> >
> > First, is the openssh community interested in this patch?
>
> Maybe. I'm not convinced it's the right thing to do, though.
I know of several implementations of some variety of template/role
user support for openssh, so I suspect there would be a reasonable
amount of interest in seeing this as an officially supported
feature. Perhaps with an option to allow/disallow it.
-Ed
More information about the openssh-unix-dev
mailing list