Subject: Re: BSD auth for NetBSD
To: Jason Thorpe <thorpej@wasabisystems.com>
From: Love <lha@stacken.kth.se>
List: tech-userlevel
Date: 09/12/2003 22:27:29
--=-=-=
Content-Transfer-Encoding: quoted-printable


Jason Thorpe <thorpej@wasabisystems.com> writes:

> On Thursday, September 11, 2003, at 01:23  PM, Greg A. Woods wrote:
>
>> However I've not yet seen one shred of evidence which would show that
>> there could be any kind of problem with implementing PAM afterwards or
>> even with implementing PAM support via a BSD Auth proxy authenticator.
>
> What sort of evidence do you need other than "some authenticators need
> to modify the context of the process".  You can't currently do that
> with the proxy scheme used by BSD Auth.
>
> If you have a solution for this problem, hey, we're all ears.

I would say that there should be something like the setenv but instead a
callfunc module stringargument (module magic sent up over the fd that binds
togther libbsdauth and the autheticating module). And then the libbsdauth
lib should dlopen module in /lib/whever/lib<module>.so and dlsym
<somesymbol> an call that with the argument <stringargument>.

This is of course just oneway, I guess it could be make twoway someway.

I have no idea if this i good enough.

Love


--=-=-=
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (NetBSD)

iQEVAwUAP2IsM3W+NPVfDpmCAQKt6wf/bKPvV8yAFzEvdgTR76a/QUOUv4Dl6X7R
t1rQIfiU+36z1RuyHzXZNG/gNKg+/ZIEZllnkbaXfmdKJNYDOCeRrVgC6rO9fQ+a
/lwBIvlExa+S3iJC0eHtuZVVm0s6HMEWTpSUQGl9sxByxP0+w/Ywbr+XzvYzT24k
UBHDDRPH0qXW4VswT088AOybbLtYJMSwU+1N259N4HIUw9znZsml1sKpwVc1/47E
JgGWLe1oazXfSrOFPJafwLlJFcrH74bwi4kO5yE+suu79D1P4H62RukDTSgzhmne
eBNMijDMuI56mVtiuSb9XhbjDQERRlz8bDJzy5lorz3FuF4qpU4dBw==
=cx/D
-----END PGP SIGNATURE-----
--=-=-=--