ANNOUNCE: pam_pwexport, Unix->SMB password changes

[Nicholas J Brealey]

Peter Samuelson writes:
 > 
 > For all you out there who use PAM-enabled Unix systems (that means most
 > flavors of Linux and Solaris, and recently HP-UX, and possibly others I
 > don't know about), you may wish to give this a shot:
 > 
 >   http://peter.cadcamlab.org/misc/pam_pwexport-0.0.tar.gz
 > 

This looks very useful.

I managed to get it working on Solaris 7 11/99 using the attached
patch and this compile command:

gcc -o pam_pwexport.so -UPAM_EXTERN= -fPIC -shared pam_pwexport.c -lpam


Unfortunately the Solaris 7 11/99 passwd command seems to truncate
the password to 8 letters before it reaches the pam_pwexport
module. The Solaris 8 passwd command is OK. It looks like Sun need to
release a patch to make this work on Solaris 7.


Nick

-------------- next part --------------
--- pam_pwexport.c.orig	Tue Jun 13 20:55:18 2000
+++ pam_pwexport.c	Tue Jun 13 23:46:40 2000
@@ -12,6 +12,7 @@
 
 #define PAM_SM_AUTH
 #define PAM_SM_PASSWORD
+#include <security/pam_appl.h>
 #include <security/pam_modules.h>
 
 /*
@@ -77,8 +78,8 @@
   FILE *out;
   char *exe = find_exe (argc, argv);
 
-  pam_get_item (pamh, PAM_USER, (const void **)&user);
-  pam_get_item (pamh, PAM_AUTHTOK, (const void **)&tok);
+  pam_get_item (pamh, PAM_USER, (void **)&user);
+  pam_get_item (pamh, PAM_AUTHTOK, (void **)&tok);
   if (!user || !tok || !exe)
     return PAM_SUCCESS;
 
@@ -105,9 +106,9 @@
   FILE *out;
   char *exe = find_exe (argc, argv);
 
-  pam_get_item (pamh, PAM_USER, (const void **)&user);
-  pam_get_item (pamh, PAM_OLDAUTHTOK, (const void **)&oldtok);
-  pam_get_item (pamh, PAM_AUTHTOK, (const void **)&tok);
+  pam_get_item (pamh, PAM_USER, (void **)&user);
+  pam_get_item (pamh, PAM_OLDAUTHTOK, (void **)&oldtok);
+  pam_get_item (pamh, PAM_AUTHTOK, (void **)&tok);
   if (!user || !tok || !exe)
     return PAM_SUCCESS;