如何使用PAM验证用户?

时间:2011-02-26 05:24:04

标签: authentication pam

我已阅读this页面,但我有点困惑......

  • 在pam_start
    • 什么是struct pam_conv以及如何填写?
    • 究竟是什么service_name是什么意思?

是否有使用PAM登录用户(或至少验证其提供的凭据)的示例?

1 个答案:

答案 0 :(得分:1)

以下是一个例子:

#include <stdlib.h> // for NULL
#include <security/pam_appl.h> // for pam_ functions

// compile with 'gcc -lpam filename.c'

int main ( int argc , char * * argv )
{
    //function used to get user input
    int function_conversation ( ) { /* ToDo prompt user for input */ } ;

    const char * local_service = "Example Service" ; // name of the authentication service
    const char * local_user = "Example User" ; //Name of the user
    void * local_app_data = NULL ; // ToDo Make this valid.
    const struct pam_conv local_conversation = { function_conversation , local_app_data } ;
    pam_handle_t * local_auth_handle = NULL ; // this gets set by pam_start
    int local_status = 0 ; // result of each function call

    // local_auth_handle gets set based on the service 
    local_status = pam_start ( local_service , local_user , & local_conversation , & local_auth_handle ) ;

    int local_auth_flags = 0 ; // ToDo Are there any relevent flags?
    // Authenticate the user with the authentication handle set by pam_start
    local_status = pam_athenticate ( local_auth_handle , local_auth_flags ) ;

    // terminate transaction
    local_status = pam_end ( local_auth_handle , local_status ) ;

    return local_status ;
}

参考文献:

http://publib.boulder.ibm.com/infocenter/aix/v6r1/index.jsp?topic=/com.ibm.aix.basetechref/doc/basetrf1/pam_start.htm

http://www.kapet.de/kb/pam_interpose/pam_interpose.c

http://pubs.opengroup.org/onlinepubs/8329799/pam_start.htm