[systemd-devel] New pam module to start a session.
Stef Bon
stefbon at gmail.com
Fri Oct 14 01:34:09 PDT 2011
Hi,
I've rewritten an existing pam module pam_script. What it does:
. runs a script
. unshare the mount namespace (if configured, default yes)
if the directory to chroot to is specfied it does also:
. mount all the required directories like bin, lib, usr etcetera.
. chroot to this directory
See:
git clone git://gitorious.org/pam_script/pam_script.git pam_script
cd pam_script
Please some comments. Especially the starting of a session, is this
enough? If you look to the code you'll see that
I've copied from nspawn.c the check is_os_tree and mount_all
functions, and adjusted them a bit(is this ok?)
In nspawn a lot more is done but I'm not that familiar with these "low
level" operations. So please comment on this.
Stef
More information about the systemd-devel
mailing list