|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Thank you for your response, Pavel !
That's right. There is a socket and few pipes open for each authentication attempt.Sockets? Most of those open descriptors are *pipes*.
What have you got in your /etc/pam.d/check_user? Those two (significant) lines? Anything else?
Actually, the file contains auth include system-auth account include system-auth And there is /etc/pam.d/system-auth (default in fedora 13) : #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_fprintd.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth required pam_deny.so account required pam_unix.so account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 type=password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session optional pam_mkhomedir.sosession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.soI filled /etc/pam.d/check_user as it described in source comments and now the program works much more better! There is no any open sockets, pipes or other unwanted descriptors.
So I have another question:How to properly configure pam authentication for a program in the same way as in a system? Regardless of whether it is pam_ldap or pam_unix.
Find out what opens those descriptors. Run your progrem under strace. Run it under gdb and set a breakpoint at pipe() (or socket()?)
I'm not very experienced in linux programming, so I'll try to do this later.Another challenge I'll try to solve is find the cause of memory leak (valgrind --leak-check=full):
==20782== ==20782== HEAP SUMMARY: ==20782== in use at exit: 34 bytes in 2 blocks==20782== total heap usage: 20,170 allocs, 20,168 frees, 7,355,050 bytes allocated
==20782== ==20782== 34 bytes in 2 blocks are definitely lost in loss record 1 of 1 ==20782== at 0x4005BDC: malloc (vg_replace_malloc.c:195) ==20782== by 0xA8107E: local_strdup (in /lib/ld-2.12.2.so) ==20782== by 0xA842CB: _dl_map_object (in /lib/ld-2.12.2.so) ==20782== by 0xA8EE5D: dl_open_worker (in /lib/ld-2.12.2.so) ==20782== by 0xA8A975: _dl_catch_error (in /lib/ld-2.12.2.so) ==20782== by 0xA8E945: _dl_open (in /lib/ld-2.12.2.so) ==20782== by 0xC57C3A: dlopen_doit (in /lib/libdl-2.12.2.so) ==20782== by 0xA8A975: _dl_catch_error (in /lib/ld-2.12.2.so) ==20782== by 0xC5803B: _dlerror_run (in /lib/libdl-2.12.2.so) ==20782== by 0xC57B70: dlopen@@GLIBC_2.1 (in /lib/libdl-2.12.2.so) ==20782== by 0x712143C: ??? (in /lib/libfreebl3.so) ==20782== by 0x712255F: NSSLOW_Init (in /lib/libfreebl3.so) ==20782== ==20782== LEAK SUMMARY: ==20782== definitely lost: 34 bytes in 2 blocks ==20782== indirectly lost: 0 bytes in 0 blocks ==20782== possibly lost: 0 bytes in 0 blocks ==20782== still reachable: 0 bytes in 0 blocks ==20782== suppressed: 0 bytes in 0 blocks ==20782== Best regards, Evgeny Tarasov _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list