Date: Thu, 11 Dec 2003 11:05:20 +0100 From: staf wagemakers <staf.wagemakers@belgacom.net> To: hackers@freebsd.org Subject: Re: Disillusioned with PAM Message-ID: <20031211100520.GA3181@staflaptop.antw.the-ecorp.com> In-Reply-To: <20031210170417.B21993@tikitechnologies.com> References: <20031210170417.B21993@tikitechnologies.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Dec 10, 2003 at 05:04:17PM -1000, Clifton Royston wrote: > > I've been looking (and grepping) through the source of the PAM > modules in 4.8 and 4.9, to check how I should interface to a chauthtok > method. Not just the ones built and installed on the system, from > /usr/src/lib/libpam, but the whole Linux PAM directory in > /usr/src/contrib/libpam. > > Can it really be that pam_krb5 is the *only* PAM module supplied > which implements a working password change function? I see three dummy > versions (tacacs+ and the contrib pam_permit and pam_warn) and that > seems to be it. > Some time ago I've created CGIpaf, a web interface for changing a user's password, Autoreply and mail forwarding. The pam password changer didn't work on FreeBSD, I didn't dig in the FreeBSD source. But I guess you did that for me ;-) > /usr/bin/passwd will be a real pain to use for a Web GUI as it > requires a pty, which means extensive "coding around it" to fake one up > for it a la poppassd. I thought PAM was going to solve this for me, > because of the "password management" function designed in... only it > appears so far that no PAM method which implements local password > changing actually exists on FreeBSD. What a mess. > CGIpaf supports FreeBSD without pam basically it runs "pwd_mkdb" to update the password. If you need c functions to update a password the source might be useful to you. http://staf.patat.org/cgipaf/ -- Staf Wagemakers email: staf@patat.org homepage: http://staf.patat.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031211100520.GA3181>