PAM_IGNORE not being handled correctly
Tomas Mraz
tmraz at redhat.com
Mon Mar 3 13:20:32 UTC 2014
On Pá, 2014-02-28 at 20:13 -0600, Mike Wham wrote:
> I'm trying to solve what I believe to be a red-hat / CentOS specific issue
> with PAM_IGNORE.
> Using this example code <http://www.makelinux.net/alp/084> as a base, I'm
> trying to authenticate with a pam module which I made in PAM
> Python.<http://ace-host.stuart.id.au/russell/files/pam_python/doc/index.html>
> I
> just replaced the "su" with my module.
>
> PAM_SUCCESS and PAM_AUTH_ERR work fine, but I get error code 6
> (PAM_PERM_DENIED) when the module gives me PAM_IGNORE.
>
> Is there something about this conversation function that is wrong, or is
> there something different between the RHEL implementation of PAM and that
> found in Ubuntu?
PAM_IGNORE should never be returned to the application.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though.)
More information about the Pam-list
mailing list