"Andrey A. Chernov" <[EMAIL PROTECTED]> writes: > 1) When OPIE turned on in the system, not neccessary all users are > OPIE-ed, only those who listed in /etc/opiekeys. It means that > pam_opieaccess() module must do something only for valid OPIE users > listed in /etc/opiekeys and do nothing for others. I use opiechallenge() > check for it, and if it fails, return PAM_IGNORE.
Umm, you can't use opiechallenge() for that. You're not supposed to call opiechallenge() without also calling opieverify() (plus, I think opiechallenge() "consumes" a challenge). Use opielookup() instead. > 2) opiealways() return just opposite to what you might expect, see > /usr/src/contrib/opie/libopie/accessfile.c comment about it. Fixed by > removing "!" Right, thanks. DES -- Dag-Erling Smorgrav - [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message