"Andrey A. Chernov" <[EMAIL PROTECTED]> writes:
> 1) When OPIE turned on in the system, not neccessary all users are
> OPIE-ed, only those who listed in /etc/opiekeys. It means that
> pam_opieaccess() module must do something only for valid OPIE users
> listed in /etc/opiekeys and do nothing for others. I use opiechallenge()
> check for it, and if it fails, return PAM_IGNORE.
Umm, you can't use opiechallenge() for that. You're not supposed to
call opiechallenge() without also calling opieverify() (plus, I think
opiechallenge() "consumes" a challenge). Use opielookup() instead.
> 2) opiealways() return just opposite to what you might expect, see
> /usr/src/contrib/opie/libopie/accessfile.c comment about it. Fixed by
> removing "!"
Dag-Erling Smorgrav - [EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message