| 1 |
Hello everyone. |
| 2 |
|
| 3 |
Another week has gone by and I'm still fighting with pam_unix. Maybe |
| 4 |
starting the project with this module was not the best approach but on the |
| 5 |
bright side, I've encountered so many problems that whatever may come up |
| 6 |
with the rest of the modules will already have been dealt with once. |
| 7 |
Anyway, to tell the truth, I've made quite some progress this past week. |
| 8 |
All pam_unix functions have been written and the only thing that's left is |
| 9 |
to ensure that they work the way they're supposed to (which may not be |
| 10 |
such an easy thing after all). |
| 11 |
|
| 12 |
Up till now, I've completed and tested pam_sm_authenticate which takes |
| 13 |
care of user authentication (duh!) and pam_sm_chauthtok which is |
| 14 |
responsible for updating a user's password and rebuilding shadow/passwd |
| 15 |
database. The only thing left for the above is to modify pam_sm_chauthtok |
| 16 |
to use md5 hashes instead of DES for password encryption, which should not |
| 17 |
be a problem. Also, a minor problem needs to be solved within |
| 18 |
pam_sm_acct_mgmt, since there seems to be some problem when using ctime() |
| 19 |
to determine whether an account has expired. |
| 20 |
|
| 21 |
The most intriguing problem lies inside pam_sm_open/close_session because |
| 22 |
everytime it's called from a program, I get a "module is unknown" error |
| 23 |
for pam_open/close_session and I think this may have something to do with |
| 24 |
OpemPAM itself. I never got down to debugging the error because I needed a |
| 25 |
break from pam_unix and decided to go on and work on another module. |
| 26 |
|
| 27 |
Fortunately, things went smoothly and 3 hours later I had a working |
| 28 |
version of pam_rootok and pam_securetty and had done some work on |
| 29 |
pam_nologin as well. After working on pam_unix, everything else was much |
| 30 |
easier to understand and implement. I hope that that's the case with all |
| 31 |
the remaining modules in which case I'll have time time to work on some |
| 32 |
additional modules after the "core modules" are finished. |
| 33 |
|
| 34 |
For this week, I'll try to finish pam_nologin (with pam_nologin finished, |
| 35 |
I'll have reached all my midterm 'goals') and then I'll focus on debugging |
| 36 |
pam_unix. |
| 37 |
|
| 38 |
That's all for now, I hope that I'll have more to say next week. |
| 39 |
|
| 40 |
Regards, |
| 41 |
Seraphim |
| 42 |
|
| 43 |
|
| 44 |
-- |
| 45 |
gentoo-soc@l.g.o mailing list |
Archives