On 01/27/2016 04:28 PM, Sumit Bose wrote:
On Wed, Jan 27, 2016 at 03:59:10PM +0200, Nikolai Kondrashov wrote:
To me it seems the easiest way. We can't dictate the user shell's command-line
options, we can only affect the environment. For simplicity's sake perhaps we
can just give pam_sss opaque strings to put into user's environment, so it
doesn't have to piece all the parameters together itself?
yes, pam_sss should get SSS_PAM_ENV_ITEM messages and no do any logic on
its own. See e.g. k5c_attach_ccname_msg().
Ah, cool! Thanks, Sumit :)
Now we need only decide what we'll pass that way and how.
Nick
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org
