>Well, I'm beginning to think the PAM route should be used strictly for >password authentication and not worry about doing password expiration >with it, due to continued segfaults, and the difficulty in debugging >them in a dynamically loaded shared lib (plus no debugging symbols in >Sol8's libpam, etc). I'm tired of putting reads from fifo's in the code >to get the program to stop where I need it to :->
Heh. You see why I choose to make xlock use the Kerberos call directly? >I'm looking at the K5 patches to XDM by David Simas ([EMAIL PROTECTED]) >and they seem to work well: > > ftp://idiom.com/users/davids/xdm.4.1.0-krb5.tar.bz2 > >He uses krb5_prompter_posix as the prompter, which, since XDM isn't >connected to a terminal, doesn't return any messages to the XDM screen, >and returns KRB5_LIBOS_CANTREADPWD when the password is expired. > >I'm thinking about trying to set up a prompter that can talk to the >XDM login widget, but I'm not too familiar with all the code. If >anyone has any pointers ("can't be done without a major rewrite", etc), >I'd be greatful. A guy I know claimed he did this already; I can try to dig up the code on Monday, if you're interested. --Ken ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
