![[BunsenLabs Logo]](/img/bl.svg)
You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2016-09-25 19:07:45
- Horizon_Brave
- Operating System: Linux-Nettrix
- Registered: 2015-10-18
- Posts: 1,473
Flexibility of PAM?
Hey everyone, Been doing some reading up on this Fall brisk afternoon about PAM's authentication modules. My question comes up in the rigidness of what I've seen so far. Though I could of course be just mis-understanding. So if a process I'll use the login(1) process which has a file in /etc/pam.d/. If we wanted to run the full login(1) PAM file when User1 logs in, but perhaps 'ignore' some lines in the same login(1) file for User2, is this possible?
What I'm asking is can PAM distinguish and modify the /etc/pam.d files? Or would this require to change and recompile the source code for the application, such as login(1)? It seems to me that the author of the application, would have written in specific calls to PAM, and PAM then, ALWAYS reads the /etc/pam.d/login file from top to bottom with no modification allowed?
As always, thanks for any input guys!
Last edited by Horizon_Brave (2016-09-25 19:08:07)
"I have not failed, I have found 10,000 ways that will not work" -Edison
Offline
#2 2016-09-26 03:24:43
- johnraff
- nullglob
- From: Nagoya, Japan
- Registered: 2015-09-09
- Posts: 12,668
- Website
Re: Flexibility of PAM?
/etc is for system-admin configuration.
A package might put a default config there, but it can be edited by the administrator and the package will never change it back without permission. (dpkg sees to that)
...elevator in the Brain Hotel, broken down but just as well...
( a boring Japan blog (currently paused), now on Bluesky, there's also some GitStuff )
Offline
Pages: 1