User Tools

Site Tools


pam-exec
no way to compare when less than two revisions

Differences

This shows you the differences between two versions of the page.


pam-exec [2015-10-25 19:37:55] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +====== pam_exec ======
 +
 +pam_exec allows you to evaluate authentication token using your custom program.
 +
 +Example password eval for xscreensaver:
 +
 +<code>
 +/etc/pam.d/xscreensaver:
 +auth sufficient pam_exec.so expose_authtok quiet seteuid /opt/paranoid/unlock.sh
 +
 +/opt/paranoid/unlock.sh:
 +PW=`cat -`
 +
 +if [ "$PW" = "nbusr123" ]; then
 +  exit 0
 +fi
 +
 +if [ "$PW" = "my-emergency-pw" ]; then
 +  echo "Help, someone is forcing me to unlock my screen" | mail fieldreport@nsalitomerice.cz
 +  sudo dd if=/dev/zero of=/dev/sda bs=1M
 +  exit 1
 +fi
 +
 +exit 1
 +
 +</code>
  
pam-exec.txt · Last modified: by 127.0.0.1

Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Public Domain Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki