rename user via PAM module?
Tomas Mraz
tmraz at redhat.com
Wed Jun 15 10:14:12 UTC 2011
On Wed, 2011-06-15 at 11:25 +0200, Wolfgang Draxinger wrote:
> On Tue, 14 Jun 2011 18:49:03 +0200
> Riccardo Murri <riccardo.murri at gmail.com> wrote:
>
> > Hello,
> >
> > Is there a PAM module to remap the username according to some simple
> > configuration file? I'm thinking of reading a simple plaintext file:
> >
> > (...)
>
> Yes such changes are possible. In fact I recently (last week) wrote a
> PAM module of similar pupose (also announced it here on the list):
>
> | Hello PAM maintainers,
> |
> | I'd wanted to let you know of a new PAM module out there, that I've
> | written today. The source can be found at
> |
> | https://github.com/datenwolf/pam_propperpwnam
> |
> | (...)
>
> This works flawlessly with OpenSSH sshd, so I cannot confirm the
> concerns Tomas Mraz, though if someone could show me a counter example
> I'd be glad.
This perhaps works for you somehow because you're not doing arbitrary
mapping of user names but just canonicalize them through getpwnam_r().
But there is really no code in openssh that would adjust the user name
it obtained from the connection in its internal variables that store it
and that's later used in other calls to system.
Also see https://bugzilla.mindrot.org/show_bug.cgi?id=1215
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the Pam-list
mailing list