[PAM-NTDOM] using pam_ntdom for ftp authentication

Soren Dayton dayton at overx.com
Wed Jun 14 19:09:42 GMT 2000


Steve Langasek <vorlon at netexpress.net> writes:

> On Wed, 14 Jun 2000, Soren Dayton wrote:
> 
> > the pam ntdom module that is in the CVS repository right now seems to
> > create output that makes things like ftp, which has a very specific
> > protocol, misbehave.  Is there a way to turn this off or create a flag
> > that gets passed in that shuts it up?  Has anyone tried to address
> > this.  It looks like all the problems are caused by various calls to
> > report() in rpc_validate/lsarpc.c.
> 
> This is a problem with other PAM modules too, such as pam_krb5: the libraries
> in use assume that sending data directly to stdout/stderr is OK.  This could
> be fixed by having a configuration flag to shut up the library, or having the
> application pass a file descriptor for the library to use, or to have an
> application callback function that the library uses when it wants to report
> something... there are probably other solutions, too.  Not a difficult problem
> to fix, although perhaps a tedious one; this just wasn't something that had to
> be worried about when the only programs using those libs were Samba programs.
> :)

I would vote for having a "silent_on_stdout" flag.  What do people
think?  I'll probably try to do this very soon.  Should I send in
patches?

Soren


More information about the samba-technical mailing list