Local address from PAM module?

Jason Clifford jason at ukpost.com
Tue Sep 28 18:41:07 UTC 2004


On Tue, 28 Sep 2004, Jason DiCioccio wrote:

> Thanks Jason (wow, there's a lot of Jasons)..  This was unfortunately
> the answer I was expecting.  The reason behind the PAM module is so
> that we wouldn't have to modify the code for our various services each
> time we wanted to upgrade them.  However, I suppose adding a couple of
> lines to the code is still a lot better than having to add ~200 lines.

I don't think it would require that much code if you really wanted to do 
it completely inside PAM. 

In fact, all you should need to do is to define an extra pam item (say, 
PAM_LHOST to complement PAM_RHOST) and then add the necessary logic in 
your module which should only be a few lines of code - the specifics being 
reserved to the configuration object.

You could send in a patch so that the main distribution might have the 
same thus allowing you to keep up to date with PAM releases without 
worrying about patching for this local issue.

Jason Clifford
-- 
UKFSN.ORG		Finance Free Software while you surf the 'net
http://www.ukfsn.org/	   ADSL Broadband from just £22.50 / month 




More information about the Pam-list mailing list