堆栈内存溢出
  简体   繁体   English

PAM 在 C 中验证用户

[英]PAM authenticate a user in C

 原文  2020-10-03 13:48:04       c/ pam

问题描述

Ok, so I'm a pretty awful coder, and I'm wondering (as the title says) how I can authenticate a Linux user with PAM using C. The only thing I really understand is including the pam_appl.h and pam_misc.h header files, that I need to place pam_start and pam_end somewhere in my code, and not much else.好的,所以我是一个非常糟糕的编码器,我想知道(正如标题所说)如何使用 C 使用 PAM 对 Linux 用户进行身份验证。我唯一真正理解的是包含pam_appl.hpam_misc.h头文件,我需要将pam_startpam_end放在我的代码中的某个位置,而不是其他太多。 So how would I achieve what I'm looking for?那么我将如何实现我正在寻找的东西?

1 个解决方案

解决方案1
 0 已采纳  2020-10-03 15:36:30

You need to use the pam_authenticate function.您需要使用pam_authenticate函数。

Working with PAM requires answers that are a bit longer than the average StackOverflow answer;使用 PAM 需要的答案比 StackOverflow 的平均答案要长一些; but, fortunately there is an entire online book on the subject http://www.linux-pam.org/Linux-PAM-html/Linux-PAM_ADG.html但是,幸运的是有一本关于这个主题的完整在线书籍http://www.linux-pam.org/Linux-PAM-html/Linux-PAM_ADG.html

If you want to just get a code snippet, you can start with this one如果你只想得到一个代码片段,你可以从这个开始

#include <security/pam_appl.h>
#include <security/pam_misc.h>
#include <stdio.h>

static struct pam_conv conv = {
    misc_conv,
    NULL
};

int main(int argc, char *argv[])
{
    pam_handle_t *pamh=NULL;
    int retval;
    const char *user="nobody";

    if(argc == 2) {
        user = argv[1];
    }

    if(argc > 2) {
        fprintf(stderr, "Usage: check_user [username]\n");
        exit(1);
    }

    retval = pam_start("check_user", user, &conv, &pamh);

    if (retval == PAM_SUCCESS)
        retval = pam_authenticate(pamh, 0);    /* is user really user? */

    if (retval == PAM_SUCCESS)
        retval = pam_acct_mgmt(pamh, 0);       /* permitted access? */

    /* This is where we have been authorized or not. */

    if (retval == PAM_SUCCESS) {
        fprintf(stdout, "Authenticated\n");
    } else {
        fprintf(stdout, "Not Authenticated\n");
    }

    if (pam_end(pamh,retval) != PAM_SUCCESS) {     /* close Linux-PAM */
        pamh = NULL;
        fprintf(stderr, "check_user: failed to release authenticator\n");
        exit(1);
    }

    return ( retval == PAM_SUCCESS ? 0:1 );       /* indicate success */
}

Which will work with a correct PAM setup including这将适用于正确的 PAM 设置,包括

  You need to add the following (or equivalent) to the
  /etc/pam.d/check_user file:
  # check authorization
  auth       required     pam_unix.so
  account    required     pam_unix.so
 */

as detailed within the mentioned book.如上述书中所详述。 The original source of this code snippet can be found at http://www.linux-pam.org/Linux-PAM-html/adg-example.html此代码片段的原始来源可以在http://www.linux-pam.org/Linux-PAM-html/adg-example.html找到

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 跳过指纹读取器PAM模块以通过C应用程序的PAM进行身份验证 - Skip fingerprint reader PAM module to authenticate with PAM from C application C 中用于 SSHD 的自定义 PAM - Custom PAM for SSHD in C 如何在pam_ldap中获取当前的PAM用户? - how to get current PAM user in pam_ldap? 在Python / C中验证Windows服务器用户 - Authenticate windows server user in Python / C 为什么 ssh 登录时 pam_sm_authenticate 被调用两次? - why pam_sm_authenticate is called twice when ssh login? 在Linux PAM模块中检索用户命令 - Retrieve user command in Linux PAM module 如何使用PAM以明文形式检索用户密码? - How to retrieve user password in cleartext using PAM? 在rshd.c源代码中缺少pam_appl.h和pam_misc.h - pam_appl.h and pam_misc.h missing, in rshd.c source code 如何在ONVIF中验证用户身份? - How to authenticate user in ONVIF? 如何在 C 程序中通过 PAM 查询 sssd? - How can I query sssd via PAM in a C program?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM