[PAM-NTDOM] using pam_ntdom for ftp authentication
Steve Langasek
vorlon at netexpress.net
Wed Jun 14 18:53:17 GMT 2000
On Wed, 14 Jun 2000, Soren Dayton wrote:
> the pam ntdom module that is in the CVS repository right now seems to
> create output that makes things like ftp, which has a very specific
> protocol, misbehave. Is there a way to turn this off or create a flag
> that gets passed in that shuts it up? Has anyone tried to address
> this. It looks like all the problems are caused by various calls to
> report() in rpc_validate/lsarpc.c.
This is a problem with other PAM modules too, such as pam_krb5: the libraries
in use assume that sending data directly to stdout/stderr is OK. This could
be fixed by having a configuration flag to shut up the library, or having the
application pass a file descriptor for the library to use, or to have an
application callback function that the library uses when it wants to report
something... there are probably other solutions, too. Not a difficult problem
to fix, although perhaps a tedious one; this just wasn't something that had to
be worried about when the only programs using those libs were Samba programs.
:)
Steve Langasek
postmodern programmer
More information about the samba-technical
mailing list