例子:
利用已有的PAM模块(本例子主要是应用了pam_unix.so模块),这是一个简单的登录验证服务。
1、创建
PAM
配置文件:
vim /
etc
/
pam.d
/
my_pam
加入如下两行数据
auth
required pam_unix.so
account required
pam_unix.so
2、编译
gcc my_pam.c -lpam -lpam_misc -ldl -o
my_pa
m
3、测试用例代码如下
#include <stdio.h>
#include <stdlib.h>
#include <security/pam_appl.h>
#include <security/pam_misc.h>
#include <security/pam_modules.h>
#define MAXSIZE 128
#define SERVICE_NAME "my_pam"
int main(void) {
int res;
char user_name[MAXSIZE];
pam_handle_t *handle;
static struct pam_conv conv = {
misc_conv,
NULL
};
printf("UserName: ");
scanf("%s", user_name);
/* 1.初始化PAM模块 */
res = pam_start(SERVICE_NAME, user_name, &conv, &handle);
if (res == PAM_SUCCESS)
puts("pam service start!");
else
printf("%s\n",pam_strerror(handle, res));
/* 2.PAM的auth类型验证接口 */
res = pam_authenticate(handle, 0);
if (res == PAM_SUCCESS)
puts("passwd authenticate success!");
else
printf("%s\n",pam_strerror(handle, res));
/* 3.PAM的account类型验证接口 */
res = pam_acct_mgmt(handle, 0);
if (res == PAM_SUCCESS)
puts("account mgmt success!");
else
printf("%s\n",pam_strerror(handle, res));
/* 4.PAM模块结束,释放资源 */
res = pam_end(handle, res);
if (res == PAM_SUCCESS)
puts("pam service end!");
else
printf("%s\n",pam_strerror(handle, res));
return 0;
}
4、运行这个.c文件进行测试
./ 文件名(这是测试的命令)