This shows you the differences between two versions of the page.
— |
pam-exec [2015-10-25 19:37:55] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== pam_exec ====== | ||
+ | |||
+ | pam_exec allows you to evaluate authentication token using your custom program. | ||
+ | |||
+ | Example password eval for xscreensaver: | ||
+ | |||
+ | <code> | ||
+ | /etc/pam.d/xscreensaver: | ||
+ | auth sufficient pam_exec.so expose_authtok quiet seteuid /opt/paranoid/unlock.sh | ||
+ | |||
+ | /opt/paranoid/unlock.sh: | ||
+ | PW=`cat -` | ||
+ | |||
+ | if [ "$PW" = "nbusr123" ]; then | ||
+ | exit 0 | ||
+ | fi | ||
+ | |||
+ | if [ "$PW" = "my-emergency-pw" ]; then | ||
+ | echo "Help, someone is forcing me to unlock my screen" | mail fieldreport@nsalitomerice.cz | ||
+ | sudo dd if=/dev/zero of=/dev/sda bs=1M | ||
+ | exit 1 | ||
+ | fi | ||
+ | |||
+ | exit 1 | ||
+ | |||
+ | </code> | ||