[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap user authentication, PAM and chsh (change shell): how to make it work?



* Howard Chu <hyc@symas.com> [20181215 13:16]:
> Jean-Francois Malouin wrote:
> > Hi,
> > 
> > Please, bear with me! I know that this is not an openldap question per se, but
> > I've been banging my head on the wall for a long time on this issue and maybe
> > someone knows the quick answer: with user authentication coming from LDAP, what
> > is the magic that has to inserted with the PAM stuff on a client to allow users
> > to change their login shells using 'chsh'? I've been googling this for hours to
> > no avail.  I nice hint would just suffice.
> 
> The PAM API has no support for changing anything besides the password. The NSS API
> has no support for changing anything at all, it is purely read-only. Any solution
> for what you want to do is going to be non-standard, site- and implementation-specific.

Thank you for the pointers.
Well then, I'll stop banging my head on the wall!

Regards,
jf

> 
> -- 
>   -- Howard Chu
>   CTO, Symas Corp.           http://www.symas.com
>   Director, Highland Sun     http://highlandsun.com/hyc/
>   Chief Architect, OpenLDAP  http://www.openldap.org/project/