#
91714 |
|
05-Mar-2002 |
des |
Switch to OpenPAM. Bump library version. Modules are now versioned, so applications linked with Linux-PAM will still work. Remove pam_get_pass(); OpenPAM has pam_get_authtok(). Remove pam_prompt(); OpenPAM has pam_{,v}{error,info,prompt}(). Remove pam_set_item(3) man page as OpenPAM has its own.
Sponsored by: DARPA, NAI Labs
|
#
89707 |
|
23-Jan-2002 |
des |
Add a PAM module that provides an account management component for checking either PAM_RHOST or PAM_TTY against /etc/login.access.o
This uncovers a problem with PAM_RHOST, in that if we always set it, there is no way to distinguish between a user logging in locally and a user logging in using 'ssh localhost'. This will be fixed by first making sure that all PAM modules can handle PAM_RHOST being unset (which is currently not the case), and then modifying su(1) and login(1) to not set it for local logins.
Sponsored by: DARPA, NAI Labs
|