Problems with pam_script on RHEL3 and pam-0.75-72
- Subject: Problems with pam_script on RHEL3 and pam-0.75-72
- From: "Alessandro De Maria" <alessandro.demaria@xxxxxxxxx>
- Date: Fri, 11 Apr 2008 12:38:45 +0100
I have a little strange problem with pam_script (libpam_script-0.1.11) and pam (pam-0.75-72) on RHEL3 Update 9
auth required pam_listfile.so bla bla
auth optional pam_script.so runas=root
auth sufficient pam_mysql bla bla.
without pam_script.so, everything works perfectly.
with pam_script installed, it works JUST if the script returns a non-zero value.
(my script is a simple:
echo(0); (or echo(1) whether I want it to fail or not)
according to some further tests and to the developer, pam_script correctly returns PAM_SUCCESS (which is 0 according to the debug) to the pam system, but the authentication fails anyway (even if pam_script is optional or required and is not the last one in the stack).
In order to have it working I had to return a non zero result so to force the pam_script to return an error. This way my service (vsftpd) manages to login properly (the "optional" keywork kicks in probably).
I'm not the best one at explaining problems. I hope out there there is somebody that can give me an hint on this problem.
Have you come across something like this before? Does it happens because pam is too old on my ssystem?
Alessandro De Maria
Life is too important to be taken seriously. Oscar Wilde
Pam-list mailing list
[Red Hat Install]
[Linux for the blind]