[OATH-Toolkit-help] pam_oath with non-root access (was: One Time Passwor

oath-toolkit-help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OATH-Toolkit-help] pam_oath with non-root access (was: One Time Passwor

From:	Christian Hesse
Subject:	[OATH-Toolkit-help] pam_oath with non-root access (was: One Time Password in SLiM)
Date:	Mon, 14 Jan 2013 19:51:30 +0100

Christian Hesse <address@hidden> on Sun, 2011/05/01 17:14:
> > How does xscreensaver/pam_unix solve this for e.g. /etc/shadow?
> 
> I took a deeper look at pam_unix and unix_chkpwd. pam_unix always calls
> unix_chkpwd via execev() to authenticate the user.
> I'm not sure I could implement this for pam_oath... Is anybody willing to do
> this? I will take a deeper look if I have some spare time.

Nothing happened to make pam_oath work with xscreensaver and the like
(non-root services), no?

Ok, some thoughts on that... pam_oath.so should not link to liboath.so but
call a little helper program. The latter is linked against liboath.so and set
uid root to access the usersfile.
Is that the correct way or do we need to do it different?
-- 
main(a){char*c=/*    Schoene Gruesse                         */"B?IJj;MEH"
"CX:;",b;for(a/*    Chris           get my mail address:    */=0;b=c[a++];)
putchar(b-1/(/*               gcc -o sig sig.c && ./sig    */b/42*2-3)*42);}

[Prev in Thread]

Current Thread

[Next in Thread]

[OATH-Toolkit-help] pam_oath with non-root access (was: One Time Password in SLiM), Christian Hesse <=
- Re: [OATH-Toolkit-help] pam_oath with non-root access, Simon Josefsson, 2013/01/27

Prev by Date: [OATH-Toolkit-help] different users with one token
Next by Date: Re: [OATH-Toolkit-help] I'll be at FOSDEM
Previous by thread: [OATH-Toolkit-help] different users with one token
Next by thread: Re: [OATH-Toolkit-help] pam_oath with non-root access
Index(es):
- Date
- Thread