* Kurt Seifried | > PAM handles this quite nicely. | > | > I've hacked together a PAM module which sets TMPDIR (and TMP) to | > /tmp/user/uid, which I could probably make available (mail me if you | > are interested). Fixing programs to use TMP and TMPDIR is the correct | > solution. | | No need for that when we have "pam_env". From the docs "This module allows the | (un)setting of environment variables. Supported is the use of previously set | environment variables as well as PAM_ITEMs such as PAM_RHOST." | | /etc/security/pam_env.conf I couldn't get it to set TMP to something which was per-user (which is probably easy, but it wouldn't cooperate with me), and it doesn't (and shouldn't) create the tmpdir for you. This is implemented in a nicer (imho) way in pam_tmpdir which removes the need for world writable /tmp/user/ . An alternative which would be able to do the exact same thing is get pam_env to set TMP and TMPDIR and have a suid create-tmpdir-program which creates the /tmp/user/$UID . -- Tollef Fog Heen Unix _IS_ user friendly... It's just selective about who its friends are.
This archive was generated by hypermail 2b30 : Wed Apr 25 2001 - 23:47:33 PDT