[OpenAFS-devel] OPenAFS and OpenSSH-3.8
Douglas E. Engert
deengert@anl.gov
Tue, 02 Mar 2004 06:49:26 -0600
Jim Rees wrote:
>
> Exactly.. Running a pam session module (that is itself a shared
> library) can perform the setpag for you. This seems to solve your
> problem without adding a direct dlopen() to ssh.
>
> I thought the problem we were trying to solve was that the pam module gets
> called in a subprocess, so it can't do the setpag. Did I misunderstand?
Yes that is one of the problems.
But the OpenSSH people might be more open to allowing some PAM
to be called from the "correct" process then to adding the dlopen hook.
>
> Also, even if pam can do the setpag, we're still stuck with pam-less
> implementations. What do we do about them?
Port PAM for use by OpenSSH?
There are many possible featurs to all these approaches, but there is
not one that has addressed all of them.
> _______________________________________________
> OpenAFS-devel mailing list
> OpenAFS-devel@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-devel
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444