PAM-modules Manual (split by section):   Section:   Chapter:FastBack: groupmember   Up: Top   FastForward: Reporting Bugs   Contents: Table of ContentsIndex: Concept Index

10 Check NIS netgroup

The pam_innetgr module checks if the user and current host match a triple in the NIS netgroup supplied via the ‘netgroup’ argument. It returns success if so, and ‘PAM_AUTH_ERR’ otherwise.

Another possible return values are: ‘PAM_AUTHINFO_UNAVAIL’, if the input information was not sufficient (e.g. the username was not supplied, or the module was unable to determine the host or domain name), and ‘PAM_SERVICE_ERR’, if a generic error condition (such as a lack of memory) occurred.

In order to determine host and domain name parts, the following approach is used. First, the ‘gethostname’ function is called to obtain the hostname part. If the ‘getdomainname’ function is available, it is used to determine the domain part. If the resulting domain part is ‘NULL’ or the string ‘(none)’, the ‘gethostbyname’ function is invoked with the hostname as its argument. The returned name (technically speaking, the ‘h_name’ member of the ‘struct hostent’) is used as the canonical name of the server. It is split on the first occurrence of the dot character. The second part is used as the domain name. The options described below control this process.

This module can be used in any PAM service stack.

PAM-modules Manual (split by section):   Section:   Chapter:FastBack: groupmember   Up: Top   FastForward: Reporting Bugs   Contents: Table of ContentsIndex: Concept Index