No I didn't. I will post it on the pam maillist, see what they think of it.
Stef 2011/10/14 Daniel J Walsh <dwa...@redhat.com>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 10/14/2011 04:34 AM, Stef Bon wrote: >> Hi, >> >> I've rewritten an existing pam module pam_script. What it does: >> >> . runs a script . unshare the mount namespace (if configured, >> default yes) >> >> if the directory to chroot to is specfied it does also: >> >> . mount all the required directories like bin, lib, usr etcetera. . >> chroot to this directory >> >> See: >> >> git clone git://gitorious.org/pam_script/pam_script.git pam_script >> cd pam_script >> >> >> Please some comments. Especially the starting of a session, is >> this enough? If you look to the code you'll see that I've copied >> from nspawn.c the check is_os_tree and mount_all functions, and >> adjusted them a bit(is this ok?) >> >> In nspawn a lot more is done but I'm not that familiar with these >> "low level" operations. So please comment on this. >> >> Stef _______________________________________________ systemd-devel >> mailing list systemd-devel@lists.freedesktop.org >> http://lists.freedesktop.org/mailman/listinfo/systemd-devel > > Did you look at extending pam_namespace? > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAk6YL2IACgkQrlYvE4MpobPL9gCeJ4/aKVMKiGoAjD+K5cD7paZR > xocAoJfTC3bYV/0Irzkp34eIwqClDCc4 > =yZh7 > -----END PGP SIGNATURE----- > _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel