[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldap user authentication, PAM and chsh (change shell): how to make it work?
* Howard Chu <hyc@symas.com> [20181215 13:16]:
> Jean-Francois Malouin wrote:
> > Hi,
> >
> > Please, bear with me! I know that this is not an openldap question per se, but
> > I've been banging my head on the wall for a long time on this issue and maybe
> > someone knows the quick answer: with user authentication coming from LDAP, what
> > is the magic that has to inserted with the PAM stuff on a client to allow users
> > to change their login shells using 'chsh'? I've been googling this for hours to
> > no avail. I nice hint would just suffice.
>
> The PAM API has no support for changing anything besides the password. The NSS API
> has no support for changing anything at all, it is purely read-only. Any solution
> for what you want to do is going to be non-standard, site- and implementation-specific.
Thank you for the pointers.
Well then, I'll stop banging my head on the wall!
Regards,
jf
>
> --
> -- Howard Chu
> CTO, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/