[[pam_exec]]
 

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

user:jenda:pam-exec [2015/10/25 19:37] (current)
jenda created
Line 1: Line 1:
 +====== pam_exec ======
 +
 +pam_exec allows you to evaluate authentication token using your custom program.
 +
 +Example password eval for xscreensaver:​
 +
 +<​code>​
 +/​etc/​pam.d/​xscreensaver:​
 +auth sufficient pam_exec.so expose_authtok quiet seteuid /​opt/​paranoid/​unlock.sh
 +
 +/​opt/​paranoid/​unlock.sh:​
 +PW=`cat -`
 +
 +if [ "​$PW"​ = "​nbusr123"​ ]; then
 +  exit 0
 +fi
 +
 +if [ "​$PW"​ = "​my-emergency-pw"​ ]; then
 +  echo "Help, someone is forcing me to unlock my screen"​ | mail fieldreport@nsalitomerice.cz
 +  sudo dd if=/​dev/​zero of=/dev/sda bs=1M
 +  exit 1
 +fi
 +
 +exit 1
 +
 +</​code>​
  
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki