saslauthd SASL_IPREMOTEPORT -> PAM_RHOST
Lorenzo M. Catucci
lorenzo at sancho.ccd.uniroma2.it
Mon May 23 14:33:18 EDT 2011
On 05/23/2011 08:10 PM, omalleys at msu.edu wrote:
>
> My understanding is that it is up to the calling application to log
> the data like CyrusMail should be logging auths,
VERY, VERY TRUE!!! Sorry for AOL-ing!
> If you use PAM_SET_ITEM on PAM_USER it is actually only a temporary
> change, and won't get passed back to the calling application. And I
> don't recall off the top of my head whether this gets passed through
> the rest of the pam stack or not.
Really, PAM_USER should be treated as a "read only" item by the
application, as I tried to express in my previous mail;
on the other hand, RUSER should be set from the application only when
really defined; in the case of an unknown
requestor, one can as well set RUSER to "anonymous" or "root", but not
to the proposed login.
Thank you very much, yours
lorenzo
More information about the Cyrus-sasl
mailing list