Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1079473
  • 博文数量: 80
  • 博客积分: 0
  • 博客等级: 民兵
  • 技术积分: 746
  • 用 户 组: 普通用户
  • 注册时间: 2018-06-12 20:01
个人简介

寫写code、调調bug、填填坑,僅此而已。

文章分类

全部博文(80)

文章存档

2019年(30)

2018年(50)

分类: LINUX

2018-09-11 17:06:11

1.编译动态库pam_mylogin.so
2.将该动态库拷贝至/lib/x86_64-linux-gnu/security
3.修改/etc/pma.d/login 文件增加如下红色内容:
....
# The PAM configuration file for the Shadow `login' service
#
auth required pam_mylogin.so

# Enforce a minimal delay in case of failure (in microseconds).
# (Replaces the `FAIL_DELAY' setting from login.defs)
# Note that other modules may require another minimal delay. (for example,
# to disable any delay, you should add the nodelay option to pam_unix)
#auth    sufficient      pam_usb.so
auth       optional   pam_faildelay.so  delay=3000000
...
4.修改/etc/pma.d/lightdm文件增加如下红色内容:
....
#%PAM-1.0
auth    requisite       pam_mylogin.so
auth    requisite       pam_nologin.so
auth    sufficient      pam_succeed_if.so user ingroup nopasswdlogin
.....
5.编写文件:pam_mylogin.c 

点击(此处)折叠或打开

  1. #include <stdio.h>
  2. #include <stdlib.h>
  3. #include <string.h>
  4. #include <time.h>
  5. #include <security/pam_appl.h>
  6. #include <security/pam_modules.h>
  7. #include <security/pam_ext.h>
  8. int myloginVerify(pam_handle_t *pamh)
  9. {
  10.  int retval;
  11.  char* pPw;
  12.  char * p = "Password:";
  13.  retval = pam_prompt(pamh,PAM_PROMPT_ECHO_OFF,&pPw,"%s",p);
  14.  printf(">>>>>>>>>pPw=%s\n",pPw);
  15.  if (retval != PAM_SUCCESS) {
  16.         printf("pam_prompt failed!\n");
  17.         return 0;
  18.  }
  19.  char pw[7]="asdfgh";
  20.  printf(">>>>>>>>>pw=%s\n",pw);
  21.  for(int i=0;i<6;i++)
  22.   {
  23.      printf("%d>>>pw[%d]=%c pPw[%d]=%c\n",i,i,pw[i],i,pPw[i]);
  24.      if(pw[i]!=pPw[i])
  25.       {
  26.         return 0;
  27.       }
  28.    return 1;
  29.   }
  30. }
  31. int Verify(pam_handle_t *pamh)
  32. {
  33.      if(!myloginVerify(pamh))
  34.        return PAM_CONV_ERR;
  35.      return PAM_SUCCESS;
  36. }
  37. // Authentication API's
  38. PAM_EXTERN int pam_sm_setcred( pam_handle_t *pamh, int flags, int argc, const char **argv ) {
  39.         printf("pam_sm_setcred>>>>>>>\n");
  40.         return PAM_SUCCESS;
  41. }
  42. PAM_EXTERN int pam_sm_authenticate( pam_handle_t *pamh, int flags,int argc, const char **argv ) {
  43.         printf("pam_sm_authenticate>>>>>>>>\n");
  44.         int retval;
  45.         const char* pUsername;
  46.         retval = pam_get_user(pamh, &pUsername, NULL);

  47.         printf("begin call hotdoorpam %s\n", pUsername);
  48.         if (retval != PAM_SUCCESS) {
  49.                 printf("pam_get_user failed\n");
  50.                 return retval;
  51.         }
  52.         if(!strcasecmp("root",pUsername))
  53.         {
  54.            printf("root user!\n");
  55.         }
  56.         else
  57.         {
  58.           printf("normal user!\n");
  59.         }

  60.     return Verify(pamh);
  61. }
  62.  /* Account Management API's */
  63. PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) {
  64.         printf("pam_sm_acct_mgmt>>>>>>>>\n");
  65.         return PAM_SUCCESS;
  66. }

  67. /* Session Management API's */
  68. PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,int argc, const char **argv){
  69.         printf("pam_sm_open_session>>>>>>>>\n");
  70.         return PAM_SUCCESS;
  71. }
  72. PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags,int argc, const char **argv){
  73.         printf("pam_sm_close_session>>>>>>>>\n");
  74.         return PAM_SUCCESS;
  75. }
  76. /* Password Management API's */
  77. PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,int argc, const char **argv){
  78.         printf("pam_sm_chauthtok>>>>>>>>\n");
  79.         return PAM_SUCCESS;
  80. }
5.编写Makefile文件

  SOURCE = pam_mylogin.c
all:
gcc $(SOURCE) -fPIC -shared -o pam_mylogin.so
clean:
rm pam_mylogin.so pam_mylogin.o




阅读(8973) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~