Subject: Re: linux emul for PAM libraries? (RSA/ACE)
To: None <>
From: Daniel Carosone <>
List: current-users
Date: 06/03/2005 14:12:52
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jun 03, 2005 at 01:03:29PM +1000, Charlie Allom wrote:
> I am trying to get my NetBSD machine to use the RSA/ACE PAM modules like
> the linux machines will do here soon..
> I can run the Linux ace{test,status} binaries but the -current PAM seems
> to just crash on adding the linux modules to "auth required pam_securid.s=
> can anyone explain to me why this won't work and if it ever can or will?

If I read rightly, you're trying to link shared libraries compiled for
one binary emulation syscall-set (linux) into a process running under
another (netbsd native). It's the same thing as trying to use, say, a
linux mozilla flash or java plug-in in a native mozilla binary.

This won't work, and will continue to not work for the forseable
future.  There's no practical way for the kernel to know which
emulation table to use for which call from different parts of the same

However, for this instance, there may be a much simpler and generally
more elegant solution: can you get your ACE server to offer its
authentication services via RADIUS, rather than using the legacy
proprietary protocol and client code?  I can report that token-code
authentication of users to sshd, via pam_radius, works Just Fine.


[*] a hack for looking up the PC address making the syscall in a table
of per-mmap emulation mappings just doesn't really bear thinking about
too much :)

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.4.1 (NetBSD)