List Archive: gentoo-soc
Hello everyone.
Another week has gone by and I'm still fighting with pam_unix. Maybe
starting the project with this module was not the best approach but on the
bright side, I've encountered so many problems that whatever may come up
with the rest of the modules will already have been dealt with once.
Anyway, to tell the truth, I've made quite some progress this past week.
All pam_unix functions have been written and the only thing that's left is
to ensure that they work the way they're supposed to (which may not be
such an easy thing after all).
Up till now, I've completed and tested pam_sm_authenticate which takes
care of user authentication (duh!) and pam_sm_chauthtok which is
responsible for updating a user's password and rebuilding shadow/passwd
database. The only thing left for the above is to modify pam_sm_chauthtok
to use md5 hashes instead of DES for password encryption, which should not
be a problem. Also, a minor problem needs to be solved within
pam_sm_acct_mgmt, since there seems to be some problem when using ctime()
to determine whether an account has expired.
The most intriguing problem lies inside pam_sm_open/close_session because
everytime it's called from a program, I get a "module is unknown" error
for pam_open/close_session and I think this may have something to do with
OpemPAM itself. I never got down to debugging the error because I needed a
break from pam_unix and decided to go on and work on another module.
Fortunately, things went smoothly and 3 hours later I had a working
version of pam_rootok and pam_securetty and had done some work on
pam_nologin as well. After working on pam_unix, everything else was much
easier to understand and implement. I hope that that's the case with all
the remaining modules in which case I'll have time time to work on some
additional modules after the "core modules" are finished.
For this week, I'll try to finish pam_nologin (with pam_nologin finished,
I'll have reached all my midterm 'goals') and then I'll focus on debugging
pam_unix.
That's all for now, I hope that I'll have more to say next week.
Regards,
Seraphim
--
gentoo-soc@g.o mailing list
|
|
