
#14 Patch to implement PAM support

open
nobody
None
5
2009-10-26
2009-10-26
Anonymous
No

I've developed a patch to integrate cntlm with PAM. It uses shared memory for process communication and checks the user's uid in /proc/net/tcp for authenticity (only works in Linux). It's very simple: first, the user logs in, then my PAM module generates all the NTLM hashes and saves them in the shared memory; second, cntlm is started (with a new flag: -Z) and looks for the user's uid in /proc/net/tcp (through the client TCP port), then grabs its credentials from shared memory and voilà!!!

Limitations: only works with Linux and cntlm runs in localhost (127.0.0.1).

PS: Firefox only works with a 'hack': set user-agent to Mozilla 4.0 in cntlm.conf :(

I've tested using websense and Windows 2003 domain.
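The /proc/net/tcp lookup described in the ticket, sketched as an added example (not code from the patch or from cntlm): it maps a client's source port to the uid that owns the socket, matching the full loopback 4-tuple and the ESTABLISHED state, because TIME_WAIT rows are listed with uid 0. The function name, the sample table, the ports and the uids are constructed for illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/net/tcp format, as a little-endian kernel prints
 * it: proxy (uid 990) on 127.0.0.1:3128, one client (uid 1000) on port 54321,
 * and one TIME_WAIT leftover on port 54322. */
static const char SAMPLE_TABLE[] =
"  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
"   0: 0100007F:0C38 00000000:0000 0A 00000000:00000000 00:00000000 00000000   990        0 20001 1 0000000000000000 100 0 0 10 0\n"
"   1: 0100007F:0C38 0100007F:D431 01 00000000:00000000 00:00000000 00000000   990        0 20002 1 0000000000000000 20 4 30 10 -1\n"
"   2: 0100007F:D431 0100007F:0C38 01 00000000:00000000 00:00000000 00000000  1000        0 20003 1 0000000000000000 20 4 30 10 -1\n"
"   3: 0100007F:D432 0100007F:0C38 06 00000000:00000000 03:00000BB8 00000000     0        0 0 3 0000000000000000\n";

/* Find the client end of a loopback connection (local port = client_port,
 * remote port = proxy_port) in text laid out like /proc/net/tcp.
 * Returns the owning uid, or -1 if no ESTABLISHED socket matches. */
long uid_of_loopback_client(const char *table, unsigned client_port,
                            unsigned proxy_port)
{
    /* The kernel prints the raw s_addr, so compare in network byte order. */
    const unsigned loopback = htonl(INADDR_LOOPBACK);
    const char *line = table;

    while (line && *line) {
        unsigned laddr, lport, raddr, rport, state, uid;
        /* Fields: sl local rem st tx:rx tr:when retrnsmt uid ... */
        int n = sscanf(line, " %*d: %8X:%4X %8X:%4X %2X %*X:%*X %*X:%*X %*X %u",
                       &laddr, &lport, &raddr, &rport, &state, &uid);
        if (n == 6 && state == 0x01 /* ESTABLISHED */ &&
            laddr == loopback && raddr == loopback &&
            lport == client_port && rport == proxy_port)
            return (long)uid;
        line = strchr(line, '\n');   /* header and short lines just fail to parse */
        if (line)
            line++;
    }
    return -1;
}

int main(void)
{
    printf("client port 54321 -> uid %ld\n",
           uid_of_loopback_client(SAMPLE_TABLE, 54321, 3128));
    return 0;
}
```

The table is only authoritative for sockets on the same host, and the row has to be read while the connection is still open; a port seen after the client has closed it may already belong to another user's socket.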

Discussion

  • David Kubicek

    David Kubicek - 2010-02-03

    Thanks, that's great. Interesting idea, a bit of a hack perhaps, but if it works I don't complain. :) It will take some time to get to a new release.

     
  • Roberto Gonzalez Azevedo

    You can check this patch in http://pamcntlm.sourceforge.net.
    Thanks,
    Roberto Gonzalez Azevedo

     
