Controlling PAM modules
Ivan Grover
ivangrvr299 at gmail.com
Wed Sep 17 12:09:03 UTC 2008
Hi All,
I am trying to use few modules such as
pam_radius - does remote authentication
pam_abl - to lock users/ IP addresses
My Problem is , Do i have any standard way to skip one of the PAM module
with out changing the service conf file.
Suppose i dont want to enable locking of users, then one solution i can
think of is to share a common database across application and pam modules.
The application sets the flag which indicates, if pam_able is included or
not. Then pam_abl module will look into this database and then return simply
PAM_SUCCESS always or process the user lockouts.
Please advise/comment
Best Regards,
Ivan.
More information about the freebsd-security
mailing list