On Tuesday 14 June 2005 23:24, James Yonan wrote: > When I was writing the auth-pam plugin, I had problems dynamically linking > the plugin to PAM unless OpenVPN itself was also dynamically linked to PAM > (which I didn't want to do).
What kind of problem did you encounter? It seems to work perfectly for me. > Remember that PAM itself is going to dlopen, > in turn, the actual PAM module. Combining dlopen with dynamic linking has > got to be problematic when you are dealing with crosslinked dependencies. I'm not sure what you mean by "crosslinked dependencies". The way I see it is: openvpn --(dlopen)--> auth-pam --(?)--> libpam.so --(dlopen)--> pam_unix.so I don't see why (?) should be (dlopen). Can you elaborate? dlopen(3) says: If the library has dependencies on other shared libraries, then these are also automatically loaded by the dynamic linker using the same rules. (This process may occur recursively, if those libraries in turn have depen- dencies, and so on.) Those rules are the same as used by ld.so, so there should be no "not found" problems. > dlopening PAM from the plugin seemed to solve all the problems, and > followed the approach that others took when accessing PAM from dynamic > modules. Can you name examples? The basic problem I am trying to solve (no, I'm not rummaging through this only because I have nothing better to do) is that auth-pam depends on "libpam.so" instead of "libpam.so.0.77". This means that I would need to add a dependency on pam-devel to my openvpn RPM instead of pam. This seems wrong. I've always believed that dlopen should only be used to open libraries shipped along with the calling binary, such as plugins. I'm trying to verify that with you.
